Rod Boron

4 exploits Active since Dec 2003
CVE-2003-1341 EXPLOITDB text WRITEUP
Trend Micro OfficeScan <3.54, 5.x - Auth Bypass
The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe.
CVE-2003-1343 EXPLOITDB text WRITEUP
Trend Micro ScanMail < 3.8 - Improper Authentication via Backdoor Account
Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3".
CVE-2003-1344 EXPLOITDB text WRITEUP
Trend Micro Virus Control System - Information Disclosure via Log Collector getservers.exe Action Parameter
Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files.
CVE-2003-1342 EXPLOITDB text WRITEUP
Trend Micro Virus Control System 1.8 - Denial of Service via ActiveSupport.exe URL Requests
Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe.