Trend Micro ServerProtect CMON_ActiveUpdate buffer overflow

2007-06-18T00:00:00
ID SAINT:892FA251978DFDCDC0CAC12F27F2CB28
Type saint
Reporter SAINT Corporation
Modified 2007-06-18T00:00:00

Description

Added: 06/18/2007
CVE: CVE-2007-1070
BID: 22639
OSVDB: 33042

Background

Trend Micro ServerProtect is a virus scanner for servers.

Problem

A buffer overflow vulnerability in the **CMON_ActiveUpdate** and **CMON_ActiveRollback** functions allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request.

Resolution

Apply the update referenced in the Trend Micro Vulnerability Response.

References

<http://dvlabs.tippingpoint.com/advisory/TPTI-07-01>
<http://www.kb.cert.org/vuls/id/466609>

Limitations

Exploit works on Trend Micro ServerProtect 5.58 Build 1060.

Platforms

Windows