The Trend Micro InterScan Web Security Suite (IWSS) will run scripts titled either “PatchExe.sh” or “RollbackExe.sh” out of the current directory with root privileges regardless of the privileges with which the IWSS was initially launched with. Successful exploitation would give an attacker root level access to the target machine.
Trend Micro InterScan Web Security Suite for Linux and Solaris 3.1 and prior
Elevation of Privilege
This local vulnerability allows an attacker with file write privileges to run arbitrary scripts under the context of system root.
BeyondTrust Prevention and Detection:
No mitigation has been provided.