nessus
This script is Copyright (C) 2012-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
TMCM_CMDPROCESSOR_ADDTASK_BOF_REMOTE.NBIN
History: Jan 24, 2012 - 12:00 a.m.

Trend Micro Control Manager CmdProcessor.exe Remote Buffer Overflow (uncredentialed check)

2012-01-24 00:00:00
www.tenable.com

The Trend Micro Control Manager running on the remote host is missing Critical Patch 1613. As such, the included CmdProcessor.exe component is affected by a remote stack buffer overflow vulnerability in the 'CGenericScheduler::AddTask' function of cmdHandlerRedAlertController.dll. By sending a specially crafted IPC packet to the service, which listens by default on TCP port 20101, an unauthenticated, remote attacker could leverage this issue to execute arbitrary code in the context of the user under which the service runs, which is SYSTEM by default.

Note that this script tries to kill the CmdProcessor.exe process, but the process will restart if it dies.

Binary data tmcm_cmdprocessor_addtask_bof_remote.nbin