Remote exploitation of multiple buffer overflow vulnerabilities in Trend
Micro Inc.'s ServerProtect anti-virus software could allow attackers to
execute arbitrary code with system level privilege.
The Trend ServerProtect service (SpntSvc.exe) handles RPC requests on
TCP port 5168 with interface uuid 25288888-bd5b-11d1-9d53-0080c83a5c2c.
This service utilizes the StRpcSrv.dll, Stcommon.dll, Eng50.dll and
Notification.dll libraries to service various RPC requests.
Three buffer overflows exist with the StRpcSrv.dll library. The first

Remote exploitation of an integer overflow vulnerability in Trend Micro
Inc.'s ServerProtect anti-virus software could allow attackers to
execute arbitrary code with system level privilege.
The Trend ServerProtect service (SpntSvc.exe) handles RPC requests on
TCP port 5168 with interface uuid 25288888-bd5b-11d1-9d53-0080c83a5c2c.
This service utilizes the StRpcSrv.dll library to service various RPC
requests.
An integer overflow exists within the RPCFN_SYNC_TASK function. This

http://labs.idefense.com/intelligence/vulnerabilities/
Oct 25, 2007
I. BACKGROUND
The Trend Micro AntiVirus scan engine provides AntiVirus capabilities to
desktop, server, and gateway systems. The engine is licensed to several
of Trend Micro's OEM partners. More information is available on Trend
Micro's web site at the following URL.
http://www.trendmicro.com/