Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow

2007-12-28T00:00:00
ID SAINT:1310885A27D3FD55BD6D9F816FBA3A08
Type saint
Reporter SAINT Corporation
Modified 2007-12-28T00:00:00

Description

Added: 12/28/2007
CVE: CVE-2007-4218
BID: 25395
OSVDB: 39752

Background

Trend Micro ServerProtect is a virus scanner for servers.

Problem

A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request which is processed by the **RPCFN_CMON_SetSvcImpersonateUser** function in the **Stcommon.dll** library.

Resolution

Apply ServerProtect 5.58 Security Patch 4 or higher.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=587>
<http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt>

Limitations

Exploit works on Trend Micro ServerProtect 5.58 Security Patch 3.

Platforms

Windows
Windows Server 2003 SP1