Added: 12/28/2007
CVE: CVE-2007-4218
BID: 25395
OSVDB: 39752
Trend Micro ServerProtect is a virus scanner for servers.
A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request, which is processed by the **RPCFN_CMON_SetSvcImpersonateUser** function in the **Stcommon.dll** library.
Apply ServerProtect 5.58 Security Patch 4 or higher.
<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=587>
<http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt>
Exploit works on Trend Micro ServerProtect 5.58 Security Patch 3.
Windows
Windows Server 2003 SP1