Vulnerability Note VU#630025

Trend Micro ServerProtect fails ENG_SetRealTimeScanConfigInfo() stack buffer overflow

Overview

Trend Micro ServerProtect contains a stack-based buffer overflow.

I. Description

Trend Micro ServerProtect fails to properly handle data passed to the ENG_SetRealTimeScanConfigInfo()routine possibly allowing a stack-based buffer overflow to occur. This overflow can be triggered by sending a specially crafted RPC packet to an affected Trend Micro ServerProtect installation.

For more information refer to Trend Micro Solution ID: 1034290.

II. Impact

A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.

III. Solution

Apply a patch

Trend Micro has addressed this vulnerability with Security Patch 1- Build 1171.

Systems Affected

Vendor	Status	Date Notified	Date Updated
Trend Micro	Vulnerable	21-Feb-2007

References

http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
http://www.tippingpoint.com/security/advisories/TSRT-07-01.html
http://www.tippingpoint.com/security/advisories/TSRT-07-02.html

Credit

This vulnerability was reported by Pedram Amini of Tipping Point Security Research Team.

This document was written by Jeff Gennari.

Other Information

Date Public:	2007-02-20
Date First Published:	2007-02-21
Date Last Updated:	2007-02-21
CERT Advisory:
CVE-ID(s):	CVE-2007-1070
NVD-ID(s):	CVE-2007-1070
US-CERT Technical Alerts:
Metric:	28.69
Document Revision:	5

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Produced 2007 by US-CERT, a government organization
Disclaimers and copyright information

Get Adobe Reader