12 matches found
Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability
These vulnerabilities allow attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit these vulnerabilities. The specific flaw exists in the SpntSvc.exe daemon, bound by default on TCP port 5168 and exposing the followi...
ZDI-07-050: Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability
ZDI-07-050: Trend Micro ServerProtect RPCFNSetComputerName Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-050.html September 7, 2007 -- CVE ID: CVE-2007-4218 -- Affected Vendor: Trend Micro -- Affected Products: ServerProtect v5.58 -- TippingPointTM IPS Customer...
Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow
Added: 08/23/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39754 Background ServerProtect is a virus scanner for servers. Problem A buffer overflow in the NTFSetPagerNotifyConfig function within the Notification.dll library allows remote attackers to execute arbitrary commands by sending a specially...
CVE-2007-4219
Integer overflow in the RPCFNSYNCTASK function in StRpcSrv.dll, as used by the ServerProtect service SpntSvc.exe, in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 516...
Integer overflow
Integer overflow in the RPCFNSYNCTASK function in StRpcSrv.dll, as used by the ServerProtect service SpntSvc.exe, in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 516...
CVE-2007-4219
Trend Micro ServerProtect for Windows contains an integer overflow in RPCFN_SYNC_TASK (StRpcSrv.dll) used by the SpntSvc.exe service, exploitable by remote attackers via malformed requests to 5168/tcp. The flaw can trigger a heap-based buffer overflow and arbitrary code execution. Affected versio...
CVE-2007-4219
Integer overflow in the RPCFNSYNCTASK function in StRpcSrv.dll, as used by the ServerProtect service SpntSvc.exe, in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 516...
CVE-2007-2508
Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to 1 TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in...
Stack overflow
Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to 1 TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in...
CVE-2007-2508
Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to 1 TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in...
Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit this vulnerability. The specific flaw exists in the SpntSvc.exe daemon, bound by default on TCP port 5168 and exposing the following...
TSRT-07-01: Trend Micro ServerProtect StCommon.dll Stack Overflow Vulnerabilities
TSRT-07-01: Trend Micro ServerProtect StCommon.dll Stack Overflow Vulnerabilities http://www.tippingpoint.com/security/advisories/TSRT-07-01.html February 20, 2007 -- CVE ID: CVE-2007-1070 -- Affected Vendor: Trend Micro -- Affected Products: ServerProtect for Windows 5.58 ServerProtect for EMC...