325 matches found
CVE-2007-0072
Trend Micro ServerProtect 5.7 and 5.58 are affected by a heap-based buffer overflow in an unspecified RPC-related procedure that may allow remote code execution. The vulnerability affects the RPC handling path and could enable arbitrary commands to run with the ServerProtect account or an adminis...
CVE-2006-5269
CVE-2006-5269 describes a heap-based buffer overflow in an unspecified procedure of Trend Micro ServerProtect 5.7 and 5.58. The flaw is remote-accessible, likely related to an RPC interface, and can allow an attacker to execute arbitrary code. Affected products: Trend Micro ServerProtect 5.7 and ...
CVE-2006-5268
The CVE-2006-5268 entry concerns Trend Micro ServerProtect (versions 5.7 and 5.58). The connected documents describe an unspecified vulnerability that enables remote attackers to execute arbitrary code via vectors related to obtaining administrative access to the RPC interface, i.e., unauthentica...
CVE-2008-0014
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013...
KLA10371 ACE vulnerability in Trend Micro ServerProtect
Buffer overflows were found in Trend Micro ServerProtect. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via unknown vectors. Original advisories - Related products Trend-Micro-ServerProtect-for-Windows-NetWare CVE list...
Trend Micro ServerProtect多个远程堆溢出及非授权访问漏洞
BUGTRAQ ID: 32261 CVECAN ID: CVE-2006-5268,CVE-2007-0072,CVE-2007-0073,CVE-2007-0074,CVE-2006-5269,CVE-2008-0012,CVE-2008-0013,CVE-2008-0014 Trend ServerProtect是一款企业级反病毒程序。 ServerProtect的RPC认证过程可能允许未经认证的远程攻击者获得对RPC接口的管理访问;此外多个RPC过程中还存在堆溢出漏洞,远程攻击者可以通过提交恶意请求触发这些溢出,导致执行任意指令。 Trend Micro ServerProtec...
Trend Micro ServerProtect contains multiple vulnerabilities
Overview Trend Micro ServerProtect contains multiple vulnerabilities. The most severe of these vulnerabilities may allow an attacker to execute commands, view sensitive data, or cause a system to crash. Description Trend Micro ServerProtect is designed to detect and remove viruses from files...
TrendMicro ServerProtect File Access
This modules exploits a remote file access flaw in the ServerProtect Windows Server RPC service. Please see the action list or the help output for more information. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework clas...
Trend Micro ServerProtect StRpcSrv.dll RPC接口不安全实现方式漏洞
BUGTRAQ ID: 26912 Trend ServerProtect是一款企业级反病毒程序。 ServerProtect的SpntSvc.exe守护程序处理请求数据时存在漏洞,远程攻击者可能利用此漏洞控制服务器。 ServerProtect中默认绑定到TCP 5168端口上的SpntSvc.exe守护程序通过TmRpcSrv.dll库暴露以下DCE/RPC接口: / opcode: 0x00, address: 0x65741030 / errorstatust sub65741030 in handlet arg1, in long arg2, insizeisarg4 byte...
Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow
Added: 12/28/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39752 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request which is...
Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow
Added: 12/28/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39752 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request which is...
Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow
Added: 12/28/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39752 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request which is...
Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow
Added: 12/28/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39752 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request which is...
CVE-2007-6507
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code...
Code injection
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code...
CVE-2007-6507
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code...
CVE-2007-6507
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code...
CVE-2007-6507
CVE-2007-6507 affects Trend Micro ServerProtect on Windows (5.58) prior to Security Patch 4. The vulnerability exists in the SpntSvc.exe RPC service, which exposes dangerous sub-functions from StRpcSrv.dll via the DCE/RPC interface, allowing remote attackers to obtain full filesystem access and e...
Trend Micro ServerProtect for Windows (SpntSvc.exe) StRpcSrv.dll Arbitrary Remote Code Execution
Binary data trendmicroserverprotectfile.nbin...
Trend Micro ServerProtect unauthorized access
TCP/5168 RPC-based service unauthorized access to system functions...