Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:959400
HistoryAug 23, 2007 - 12:00 a.m.

Trend Micro ServerProtect Integer Overflow Vulnerability

2007-08-2300:00:00
www.kb.cert.org
13

0.887 High

EPSS

Percentile

98.7%

JSON

Overview

Trend Micro ServerProtect contains an integer overflow vulnerability that may allow a remote attacker to execute arbitrary code.

Description

Trend Micro ServerProtect is an anti-virus application designed to run on Microsoft Windows servers. The application provides administrators with centralized management of multiple servers. The ServerProtect architecture includes a management console, information server, and the server which has ServerProtect installed.

The ServerProtect executable that runs on the server being protected by the anti-virus engine is called SpntSvc.exe. This executable uses the StRpcSrv.dll library to handle RPC requests on 5168/tcp.

The ServerProtect component contains an integer overflow vulnerability within the RPC function RPCFN_SYNC_TASK. A remote, unauthenticated attacker may be able to trigger the overflow by sending malformed RPC request to a vulnerable system.

Impact

A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.

Solution

Update

Trend Micro has addressed this vulnerability in Security Patch 4 - Build 1185.

Restrict Access

Restricting network access to 5168/tcp to trusted hosts may mitigate this vulnerability.

Vendor Information

959400

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Trend Micro Affected

Updated: August 23, 2007

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was discovered by Jun Mao (iDefense Labs).

This document was written by Joseph Pruszynski.

Other Information

CVE IDs: CVE-2007-4219
Severity Metric: 5.57 Date Public:

Related

prion 1
securityvulns 2
cve 1
nessus 1
prion
prion
Integer overflow
2007-08-22 23:17:00
securityvulns
securityvulns
iDefense Security Advisory 08.21.07: Trend Micro ServerProtect RPCFN_SYNC_TASK Integer Overflow Vulnerability
2007-08-22 00:00:00
Trend Micro antiviral products multiple security vulnerabilities
2007-09-11 00:00:00
cve
cve
CVE-2007-4219
2007-08-22 23:17:00
nessus
nessus
Trend Micro ServerProtect Multiple Remote Overflows
2007-08-22 00:00:00

0.887 High

EPSS

Percentile

98.7%

JSON
Related for VU:959400
prion1securityvulns2cve1nessus1