Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:2472227D38ECCF5DF4694D5C03D5947B
HistoryDec 28, 2007 - 12:00 a.m.

Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow

2007-12-2800:00:00
SAINT Corporation
my.saintcorporation.com
19

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.966 High

EPSS

Percentile

99.6%

JSON

Added: 12/28/2007
CVE: CVE-2007-4218
BID: 25395
OSVDB: 39752

Background

Trend Micro ServerProtect is a virus scanner for servers.

Problem

A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request which is processed by the **RPCFN_CMON_SetSvcImpersonateUser** function in the **Stcommon.dll** library.

Resolution

Apply ServerProtect 5.58 Security Patch 4 or higher.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=587&gt;
<http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt&gt;

Limitations

Exploit works on Trend Micro ServerProtect 5.58 Security Patch 3.

Platforms

Windows
Windows Server 2003 SP1

Related

prion 1
saint 11
securityvulns 3
zdi 1
cert 2
checkpoint_advisories 2
cve 1
nessus 1
prion
prion
Buffer overflow
2007-08-22 23:17:00
saint
saint
Trend Micro ServerProtect SpntSvc RPC buffer overflow
2007-09-21 00:00:00
Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow
2007-08-23 00:00:00
Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow
2007-12-28 00:00:00
securityvulns
securityvulns
iDefense Security Advisory 08.21.07: Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities
2007-08-22 00:00:00
ZDI-07-050: Trend Micro ServerProtect RPCFN_SetComputerName&#40;&#41; Stack Overflow Vulnerability
2007-09-11 00:00:00
Trend Micro antiviral products multiple security vulnerabilities
2007-09-11 00:00:00
zdi
zdi
Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability
2007-09-07 00:00:00
cert
cert
Trend Micro ServerProtect RPC buffer overflows
2007-08-23 00:00:00
Trend Micro ServerProtect Agent service RPC stack-buffer overflow
2007-08-23 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against Multiple Trend Micro ServerProtect Buffer Overflow Vulnerabilities
2007-09-18 00:00:00
Trend Micro ServerProtect RPC Multiple Buffer Overflows (CVE-2007-1070; CVE-2007-2508; CVE-2007-4218)
2007-03-14 00:00:00
cve
cve
CVE-2007-4218
2007-08-22 23:17:00
nessus
nessus
Trend Micro ServerProtect Multiple Remote Overflows
2007-08-22 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.966 High

EPSS

Percentile

99.6%

JSON
Related for SAINT:2472227D38ECCF5DF4694D5C03D5947B
prion1saint11securityvulns3zdi1cert2checkpoint_advisories2cve1nessus1