325 matches found
CVE-2007-2528
Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508...
CVE-2007-2508
Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to 1 TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in...
CVE-2007-2528
Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508...
CVE-2007-2528
Summary: CVE-2007-2528 concerns a buffer overflow in Trend Micro ServerProtect 5.58 for Windows prior to Security Patch 3 Build 1176, via RPC-related vectors in AgRpcCln.dll. Connected documents provide concrete details for related vulnerability CVE-2007-2508, including multiple stack-based overf...
CVE-2007-2508
CVE-2007-2508 describes two remote, stack-based buffer overflow flaws in Trend Micro ServerProtect 5.58 that can be triggered via RPC on TCP ports 5168 (AgRpcClient::CreateBinding in SpntSvc.exe) and 3628 (EarthAgent.exe, reachable via TmRpcSrv.dll). Exploitation could allow arbitrary code execut...
Trend Micro ServerProtect EarthAgent buffer overflow vulnerability
Overview Trend Micro ServerProtect contains a buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. Description Trend Micro ServerProtect is an anti-virus application that is designed to run on Windows-based servers. The...
Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit this vulnerability. The specific flaw exists in the SpntSvc.exe daemon, bound by default on TCP port 5168 and exposing the following...
Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability
These vulnerabilities allow attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit these vulnerabilities. The specific flaw exists in the EarthAgent.exe daemon, bound by default on TCP port 3628 and exposing the...
Trend Micro ServerProtect 5.58 - 'SpntSvc.exe' Remote Stack Buffer Overflow
source: https://www.securityfocus.com/bid/23868/info Trend Micro ServerProtect is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Exploiting this issue allow...
Trend Micro ServerProtect 5.58 - SpntSvc.exe Remote Stack Buffer Overflow
Trend Micro ServerProtect 5.58 - SpntSvc.exe Remote Stack Buffer Overflow source: https://www.securityfocus.com/bid/23868/info Trend Micro ServerProtect is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copyin...
Trend Micro ServerProtect 5.58 Buffer Overflow
This module exploits a buffer overflow in Trend Micro ServerProtect 5.58 Build 1060. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...
Trend Micro ServerProtect RPC Multiple Buffer Overflows (CVE-2007-1070; CVE-2007-2508; CVE-2007-4218)
Trend Micro ServerProtect is prone to multiple buffer overflow vulnerabilities. Trend Micro ServerProtect is a centrally managed virus protection console for enterprise-class servers. A remote attacker may exploit this issue to execute arbitrary code on a vulnerable system via a specially crafted...
Trend Micro ServerProtect ENG_SetRealTimeScanConfigInfo buffer overflow
Added: 03/07/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSetRealTimeScanConfigInfo function allows remote attackers to execute arbitrary commands by sending a specially craft...
Trend Micro ServerProtect ENG_SetRealTimeScanConfigInfo buffer overflow
Added: 03/07/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSetRealTimeScanConfigInfo function allows remote attackers to execute arbitrary commands by sending a specially craft...
Trend Micro ServerProtect ENG_SetRealTimeScanConfigInfo buffer overflow
Added: 03/07/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSetRealTimeScanConfigInfo function allows remote attackers to execute arbitrary commands by sending a specially craft...
Trend Micro ServerProtect ENG_SetRealTimeScanConfigInfo buffer overflow
Added: 03/07/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSetRealTimeScanConfigInfo function allows remote attackers to execute arbitrary commands by sending a specially craft...
CVE-2007-1169
The web interface in Trend Micro ServerProtect for Linux SPLX 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network...
CVE-2007-1168
Trend Micro ServerProtect for Linux SPLX 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx2376info cookie to the web interface port 14942/tcp...
Design/Logic Flaw
The web interface in Trend Micro ServerProtect for Linux SPLX 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network...
Code injection
Trend Micro ServerProtect for Linux SPLX 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx2376info cookie to the web interface port 14942/tcp...