CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.2%
Added: 05/16/2007
CVE: CVE-2007-2508
BID: 23866
OSVDB: 35789
Trend Micro ServerProtect is a virus scanner for servers. It includes the EarthAgent daemon which listens for connections on port 3628/TCP.
A buffer overflow vulnerability in the EarthAgent daemon allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request to port 3628/TCP.
Apply one of the patches referenced in Trend Micro solution ID 1034290.
<http://www.zerodayinitiative.com/advisories/ZDI-07-024.html>
Exploit works on Trend Micro ServerProtect 5.58 Build 1060.
Windows