Trend Micro ServerProtect TMregChange buffer overflow

2007-09-27T00:00:00
ID SAINT:B9C629AD2B2D021F19544E5F1C97A42B
Type saint
Reporter SAINT Corporation
Modified 2007-09-27T00:00:00

Description

Added: 09/27/2007
CVE: CVE-2007-4731
OSVDB: 45878

Background

Trend Micro ServerProtect is a virus scanner for servers.

Problem

A buffer overflow vulnerability in the TMregChange function in the **TMreg.dll** library allows remote attackers to execute arbitrary commands by sending specially crafted data to port 5005/TCP.

Resolution

Apply ServerProtect 5.58 Security Patch 4.

References

<http://www.zerodayinitiative.com/advisories/ZDI-07-051.html>

Limitations

Exploit works on Trend Micro ServerProtect for Windows 5.58 Security Patch 3.

Platforms

Windows