| Name | Trend.ServerProtect.Agent.service.Buffer.Overflow |
| Alias/es | Trend.ServerProtect.Agent.service.Buffer.Overflow |
| Release Date | Sep 06, 2007 |
| Severity | Critical |
| Impact | System compromise: Remote code execution. |
| Description | This indicates an attempt to exploit a vulnerability in Trend Micro ServerProtect for Windows.
The vulnerability is caused by a bounds-checking error in the "RPCFN_CopyAUSrc function" in EarthAgent.exe. It allows remote attackers to execute arbitrary code by sending overly long strings within an RPC request. |
| Affected Products | Trend Micro ServerProtect 5.58 Build 1176 for Windows and prior. |
| Recommended Actions | Apply the patch, available from the vendor's web site.
http://www.trendmicro.com/ftp/products/patches/spnt_558_win_en_securitypatch4.exe |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-4218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-4219
|
| Reference/s | http://www.securityfocus.com/bid/25395 (BugTraq)
http://www.vupen.com/english/advisories/2007/2934 (FrSIRT)
|