Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Office scan NT


  • Please log in to reply
2 replies to this topic

#1 Vachaspathi

Vachaspathi

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:00 PM

Posted 29 July 2010 - 09:13 PM

Hi, i am a NOC engr, working for a Netwrking Company, we proactively manage servers.

One of our client using Trend micro office scan version 8.0 sp1 installed in the Database server(windows server 2003 Enterprse Edition 64bit, sp1).

my question is,

the service "office scan nt listener" related to the antivirus will keep on restarting...

is it normal? or does it require any action?

please let me know.

regards,

vachaspathi

BC AdBot (Login to Remove)

 


#2 MrBruce1959

MrBruce1959

    My cat Oreo


  • BC Advisor
  • 6,377 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norwich, Connecticut. in the USA
  • Local time:07:30 AM

Posted 08 August 2010 - 10:54 PM

I found some information regarding the 8.0 version of trend Micro office scan at this link. http://secunia.com/advisories/32097

Although the warning is partially blocked it still mentions a vulnerability with-in this software package.

The wording is as I have it below.

Some vulnerabilities have been reported in Trend Micro OfficeScan, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.

1) A vulnerability in the "OfficeScanNT Listener" service can be exploited by malicious people to disclose sensitive information.

For more information:
SA31343

2) Unspecified errors exist within the OfficeScan server CGI modules, which can be exploited to cause buffer overflows and allow execution of arbitrary code.

3) A NULL-pointer dereference error within the OfficeScan server CGI modules when handling HTTP headers can potentially be exploited to cause a DoS.

The vulnerabilities are reported in Trend Micro OfficeScan 8.0.

(end of message)

Also http://esupport.trendmicro.com/9/Trend-Mic...flow-Issue.aspx

I am not sure if the service restarting is normal.

http://esupport.trendmicro.com/Pages/How-t...are-threat.aspx

I would recommend updating to 10.0 at the link below just to be safe, 8.0 seems to have too many security issues.

http://downloadcenter.trendmicro.com/index...&lang_loc=1

Bruce.
Welcome to Bleeping Computer! :welcome:
New Members: Please click here for the Bleeping Computer Forum Board Rules
 
My Career Involves 37 Years as an Electronics Repair Technician, to Which I am Currently Retired From.

I Am Currently Using Windows 10 Home Edition.

As a Volunteer Staff Member of Bleeping Computer, the Help That I Proudly Provide Here To Our BC Forum Board Membership is Free of Charge. :wink:

#3 Richie Moore

Richie Moore

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:30 AM

Posted 08 September 2010 - 11:02 AM

We use TM OfficeScan client/server on our network.
That service runs on client PCs or Servers to 'listen' for commands from the network TM Server and to communicate back to the server.
I believe it's maintainly for auto updating the software and to report back to the admin server what it's conditions are.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users