Trend Micro ServerProtect SpntSvc.EXE Remote Stack Based Buffer Overflow Vulnerability
BID:23868
Info
Trend Micro ServerProtect SpntSvc.EXE Remote Stack Based Buffer Overflow Vulnerability
| Bugtraq ID: | 23868 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-2508 |
| Remote: | Yes |
| Local: | No |
| Published: | May 07 2007 12:00AM |
| Updated: | May 07 2015 05:39PM |
| Credit: | Eric DETOISIEN is credited with the discovery of this vulnerability. |
| Vulnerable: |
Trend Micro ServerProtect 5.58 |
| Not Vulnerable: | |
Discussion
Trend Micro ServerProtect SpntSvc.EXE Remote Stack Based Buffer Overflow Vulnerability
Trend Micro ServerProtect is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code with SYSTEM-level privileges and to completely compromise affected computers. Failed exploit attempts will result in a denial of service.
Trend Micro ServerProtect is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code with SYSTEM-level privileges and to completely compromise affected computers. Failed exploit attempts will result in a denial of service.
Exploit / POC
Trend Micro ServerProtect SpntSvc.EXE Remote Stack Based Buffer Overflow Vulnerability
The following exploit code is available as a module for the Metasploit Framework:
The following exploit code is available as a module for the Metasploit Framework:
Solution / Fix
Trend Micro ServerProtect SpntSvc.EXE Remote Stack Based Buffer Overflow Vulnerability
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
References
Trend Micro ServerProtect SpntSvc.EXE Remote Stack Based Buffer Overflow Vulnerability
References:
References:
- Trend Micro Homepage (Trend Micro)
- Trend Micro Product Update Page (Trend Micro )
- ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability (Zero Day Initiative)
- Vulnerability Note VU#488424 Trend Micro ServerProtect SpntSvc buffer overflow v (US-CERT)