Check Point Advisories

Update Protection against Trend Micro ServerProtect CreateBinding DCE-RPC Buffer Overflow Vulnerability

Check Point Reference: CPAI-2007-098
Date Published: 21 Aug 2007
Severity: High
Last Updated: Monday 01 January, 2007
Source: Secunia Advisory: SA25186
Industry Reference:CVE-2007-2508
Protection Provided by:
Who is Vulnerable? Trend Micro ServerProtect for Windows 5.58
Vulnerability Description A buffer overflow vulnerability has been reported in Trend Micro ServerProtect. Trend Micro ServerProtect is a centrally managed virus protection console for enterprise-class servers. A remote attacker may exploit this issue to execute arbitrary code on a vulnerable system via a specially crafted RPC request.
Update/Patch AvaliableApply patches:
Trendmicro2
Trendmicro3
Vulnerability DetailsThe vulnerability is due to a boundary error in the SpntSvc daemon, the vulnerable component of Trend Micro ServerProtect, that fails to properly handle malformed RPC requests. A remote attacker could specially craft a malicious RPC request that will cause the system to execute arbitrary commands.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK