Trend Micro ServerProtect Multiple RPC Remote Buffer Overflow Vulnerabilities
BID:25395
Info
Trend Micro ServerProtect Multiple RPC Remote Buffer Overflow Vulnerabilities
| Bugtraq ID: | 25395 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-4218 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 21 2007 12:00AM |
| Updated: | Sep 10 2007 08:41PM |
| Credit: | Discovery is credited to Code Audit Labs, Jun Mao of iDefense Labs, and anonymous researchers. |
| Vulnerable: |
Trend Micro ServerProtect for Windows 5.58 |
| Not Vulnerable: | |
Discussion
Trend Micro ServerProtect Multiple RPC Remote Buffer Overflow Vulnerabilities
Trend Micro ServerProtect is prone to multiple remote buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Nine buffer-overflow vulnerabilities affect the 'SpntSvc.exe' and agent services that listen on TCP ports 5168 and 3628. Attackers may exploit these vulnerabilities over RPC interfaces that are exposed by the vulnerable application.
Exploiting these issues allows attackers to execute arbitrary machine code with SYSTEM-level privileges and to completely compromise affected computers. Failed exploit attempts will result in a denial of service.
These issues were reported to affect ServerProtect 5.58 Build 1176 (Security Patch 3). Earlier versions may also be affected.
Trend Micro ServerProtect is prone to multiple remote buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Nine buffer-overflow vulnerabilities affect the 'SpntSvc.exe' and agent services that listen on TCP ports 5168 and 3628. Attackers may exploit these vulnerabilities over RPC interfaces that are exposed by the vulnerable application.
Exploiting these issues allows attackers to execute arbitrary machine code with SYSTEM-level privileges and to completely compromise affected computers. Failed exploit attempts will result in a denial of service.
These issues were reported to affect ServerProtect 5.58 Build 1176 (Security Patch 3). Earlier versions may also be affected.
Exploit / POC
Trend Micro ServerProtect Multiple RPC Remote Buffer Overflow Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Trend Micro ServerProtect Multiple RPC Remote Buffer Overflow Vulnerabilities
Solution:
The vendor has released Security Patch 4 to address these issues. Please see the references for more information.
Solution:
The vendor has released Security Patch 4 to address these issues. Please see the references for more information.
References
Trend Micro ServerProtect Multiple RPC Remote Buffer Overflow Vulnerabilities
References:
References:
- ServerProtect Security Patch 4 (Trend Micro)
- Trend Micro Homepage (Trend Micro)
- ZDI-07-050 Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vuln (ZDI)
- iDefense Security Advisory 08.21.07: Trend Micro ServerProtect Multiple Buffer O (iDefense Labs
- VU#204448 - Vulnerability Note VU#204448 (US-CERT)