PC-Cillin Subject to Denial of Service
Reported December 31, 1999 by
Daniel Stasinski
Trend Micro PC-Cillin v6.x


Version 6.x of Trend Micro"s PC-Cillin Anti-Virus software can be subjected to a remote DoS attack and possibly authorized relays.

As part of it"s Java/ActiveX protection, it routes all http requests through its own internal proxy on port 8431. Unfortunately, it allows anyone anywhere to connect to that port and dump enough data through it to saturate an unexpected victims connection. Their tech"s could not confirm or deny if remote users are able to get an outbound connection from the victims


Daniel has contacted Trend Micro and advised them of the problem, however according to Daniel the company has no plans to release a fix but would instead fix the problem in the next major release (v7.0 ?)

Discovered by
Daniel Stasinski