CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

seebug.org•added 2008/01/03 12:0 a.m.•32 views

Trend Micro ServerProtect StRpcSrv.dll RPC接口不安全实现方式漏洞

BUGTRAQ ID: 26912 Trend ServerProtect是一款企业级反病毒程序。 ServerProtect的SpntSvc.exe守护程序处理请求数据时存在漏洞，远程攻击者可能利用此漏洞控制服务器。 ServerProtect中默认绑定到TCP 5168端口上的SpntSvc.exe守护程序通过TmRpcSrv.dll库暴露以下DCE/RPC接口： / opcode: 0x00, address: 0x65741030 / errorstatust sub65741030 in handlet arg1, in long arg2, insizeisarg4 byte...

6.9AI score

Prion•added 2007/12/20 11:46 p.m.•10 views

Code injection

SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code...

10CVSS7.9AI score0.7136EPSS

Exploits1References7Affected Software1

CVE•added 2007/12/20 11:0 p.m.•65 views

CVE-2007-6507

CVE-2007-6507 affects Trend Micro ServerProtect on Windows (5.58) prior to Security Patch 4. The vulnerability exists in the SpntSvc.exe RPC service, which exposes dangerous sub-functions from StRpcSrv.dll via the DCE/RPC interface, allowing remote attackers to obtain full filesystem access and e...

10CVSS7.4AI score0.7136EPSS

Exploits1References7Affected Software1

securityvulns•added 2007/12/18 12:0 a.m.•47 views

ZDI-07-077: Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability

ZDI-07-077: Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-077.html December 17, 2007 -- CVE ID: -- Affected Vendor: Trend Micro -- Affected Products: ServerProtect v5.58 -- TippingPointTM IPS Customer Protection:...

1AI score

Zero Day Initiative•added 2007/12/17 12:0 a.m.•20 views

Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability

These vulnerabilities allow attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit these vulnerabilities. The specific flaw exists in the SpntSvc.exe daemon, bound by default on TCP port 5168 and exposing the followi...

10CVSS3.9AI score0.7136EPSS

Exploits1References1

securityvulns•added 2007/12/16 12:0 a.m.•40 views

[security bulletin] HPSBUX02294 SSRT071451 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01294212 Version: 1 HPSBUX02294 SSRT071451 rev.1 - HP-UX Running DCE, Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon as soon as possible...

10CVSS0.4AI score0.22849EPSS

Exploits1

Prion•added 2007/12/15 1:46 a.m.•12 views

Buffer overflow

Buffer overflow in the swrpcagentinit function in swagentd in Software Distributor SD, and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request...

10CVSS8.3AI score0.22849EPSS

Exploits1References9Affected Software1

NVD•added 2007/12/15 1:46 a.m.•9 views

CVE-2007-6195

10CVSS8AI score0.22849EPSS

Exploits1References9

Cvelist•added 2007/12/15 1:0 a.m.•18 views

CVE-2007-6195

8AI score0.22849EPSS

Exploits1References9

seebug.org•added 2007/12/15 12:0 a.m.•14 views

HP-UX运行DCE未明远程拒绝服务漏洞

HP-UX是一款商业性质的操作系统。 HP-UX运行DCE存在未明安全问题，远程攻击者可以利用漏洞对系统进行拒绝服务攻击。目前没有详细漏洞细节提供。 HP HP-UX B.11.23 HP HP-UX B.11.11 HP DCE-CoreTools HP DCE-Core 厂商解决方案补丁下载： HP HP-UX B.11.11 HP PHSS36004 HP-UX B.11.11 11i v1 http://itrc.hp.com HP HP-UX B.11.23 HP PHSS36005 HP-UX B.11.23 11i v2 http://itrc.hp.com HP...

7.1AI score

Tenable Nessus•added 2007/10/03 12:0 a.m.•13 views

HP-UX Security Patch : PHSS_29749

HP DCE/9000 1.7 Runtime cumulative patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26681; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

Tenable Nessus•added 2007/10/03 12:0 a.m.•44 views

HP-UX PHSS_36004 : HP-UX Running DCE, Remote Denial of Service (DoS) (HPSBUX02294 SSRT071451 rev.1)

s700800 11.11 HP DCE/9000 1.8 DCE Client IPv6 patch : A potential security vulnerability has been identified with HP-UX applications running DCE such as Software Distributor SD. The vulnerability could be exploited remotely to create a denial of service DoS. %NASLMINLEVEL 70300 C Tenable Network...

10CVSS5.3AI score0.22849EPSS

Exploits1References4

Tenable Nessus•added 2007/10/03 12:0 a.m.•15 views

HP-UX Security Patch : PHSS_27962

HP DCE/9000 1.7 Runtime cumulative patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26650; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

Tenable Nessus•added 2007/10/03 12:0 a.m.•10 views

HP-UX Security Patch : PHSS_28386

HP DCE/9000 1.8 DCE Client IPv6 patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26658; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

Tenable Nessus•added 2007/10/03 12:0 a.m.•10 views

HP-UX Security Patch : PHSS_28387

HP DCE/9000 1.8 Server/DevTools cum. patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26659; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

Tenable Nessus•added 2007/10/03 12:0 a.m.•15 views

HP-UX Security Patch : PHSS_33321

HP DCE 1.9 client cumulative patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26795; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11...