Trend Micro ServerProtect contains a stack-based buffer overflow.
Trend Micro ServerProtect fails to properly handle data passed to the ENG_SetRealTimeScanConfigInfo()routine possibly allowing a stack-based buffer overflow to occur. This overflow can be triggered by sending a specially crafted RPC packet to an affected Trend Micro ServerProtect installation.
For more information refer to Trend Micro Solution ID: 1034290.
A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.
Apply a patch
Trend Micro has addressed this vulnerability with Security Patch 1- Build 1171.
This vulnerability was reported by Pedram Amini of Tipping Point Security Research Team.
This document was written by Jeff Gennari.
|Date First Published:||2007-02-21|
|Date Last Updated:||2007-02-21 19:03 UTC|