Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow

2007-08-23T00:00:00
ID SAINT:5314E219F146652D572D0AC3B147353A
Type saint
Reporter SAINT Corporation
Modified 2007-08-23T00:00:00

Description

Added: 08/23/2007
CVE: CVE-2007-4218
BID: 25395
OSVDB: 39754

Background

ServerProtect is a virus scanner for servers.

Problem

A buffer overflow in the NTF_SetPagerNotifyConfig function within the **Notification.dll** library allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request to port 5168/TCP.

Resolution

Apply ServerProtect 5.58 Security Patch 4.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=587>

Limitations

Exploit works on Trend Micro ServerProtect 5.58 with Patch 3.

Platforms

Windows