Trend Micro Anti-Spyware And PC-cillin SSAPI Engine Local Stack Buffer Overflow Vulnerability
BID:25388
Info
Trend Micro Anti-Spyware And PC-cillin SSAPI Engine Local Stack Buffer Overflow Vulnerability
| Bugtraq ID: | 25388 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-3873 |
| Remote: | No |
| Local: | Yes |
| Published: | Aug 21 2007 12:00AM |
| Updated: | Aug 31 2007 12:42AM |
| Credit: | Ismael Briones is credited with discovering this issue. |
| Vulnerable: |
Trend Micro PC-Cillin Internet Security 2007 Trend Micro Anti-Spyware for Consumer 3.5 |
| Not Vulnerable: | |
Discussion
Trend Micro Anti-Spyware And PC-cillin SSAPI Engine Local Stack Buffer Overflow Vulnerability
Trend Micro Anti-Spyware and PC-cillin Internet Security are prone to a local stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
This issue affects a library in Trend Micro's SSAPI Engine.
Successful exploits may allow an attacker to execute arbitrary code with SYSTEM-level privileges. This may facilitate a complete compromise of vulnerable servers. Failed exploit attempts will likely result in denial-of-service conditions.
Trend Micro Anti-Spyware for Consumer 3.5 and PC-cillin Internet Security 2007 are vulnerable.
Trend Micro Anti-Spyware and PC-cillin Internet Security are prone to a local stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
This issue affects a library in Trend Micro's SSAPI Engine.
Successful exploits may allow an attacker to execute arbitrary code with SYSTEM-level privileges. This may facilitate a complete compromise of vulnerable servers. Failed exploit attempts will likely result in denial-of-service conditions.
Trend Micro Anti-Spyware for Consumer 3.5 and PC-cillin Internet Security 2007 are vulnerable.
Exploit / POC
Trend Micro Anti-Spyware And PC-cillin SSAPI Engine Local Stack Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Trend Micro Anti-Spyware And PC-cillin SSAPI Engine Local Stack Buffer Overflow Vulnerability
Solution:
Trend Micro released a hotfix to address this issue. Please see the references for more information.
Trend Micro Anti-Spyware for Consumer 3.5
Trend Micro PC-Cillin Internet Security 2007
Solution:
Trend Micro released a hotfix to address this issue. Please see the references for more information.
Trend Micro Anti-Spyware for Consumer 3.5
-
Trend Micro pcc_2007_1530_win_en_ssapi_5_2_1028.exe
ftp://conftpuser:[email protected]/consume r/Tools/Hotfix/pcc_2007_1530_win_en_ssapi_5_2_1028.exe
Trend Micro PC-Cillin Internet Security 2007
-
Trend Micro pcc_2007_1530_win_en_ssapi_5_2_1028.exe
ftp://conftpuser:[email protected]/consume r/Tools/Hotfix/pcc_2007_1530_win_en_ssapi_5_2_1028.exe
References
Trend Micro Anti-Spyware And PC-cillin SSAPI Engine Local Stack Buffer Overflow Vulnerability
References:
References:
- [Hot Fix]B1028 - The SSAPI module crashes once a folder or file exceeds the max_ (Trend Micro)
- Trend Micro Homepage (Trend Micro)
- iDefense Security Advisory 08.20.07: Trend Micro SSAPI Long Path Buffer Overflow (iDefense Labs)
- iDefense Security Advisory 08.20.07: Trend Micro SSAPI Long Path Buffer Overflow (iDefense Labs)