Signature Detail
Short Name |
MS-RPC:TREND-MICRO-RPC |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
MS-RPC |
Keywords |
Trend Micro ServerProtect Multiple Buffer Overflows |
Release Date |
2007/02/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
MS-RPC: Trend Micro ServerProtect Multiple Buffer Overflows
This signature detects attempts to exploit a known vulnerability in the Trend Micro ServerProtect. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the system.
Extended Description
Trend Micro ServerProtect is prone to multiple remote stack-based buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Exploiting these issues allows attackers to execute arbitrary machine code with SYSTEM-level privileges.
Affected Products
- Trend Micro ServerProtect for EMC 5.58
- Trend Micro ServerProtect for Network Appliance Filer 5.61
- Trend Micro ServerProtect for Network Appliance Filer 5.62
- Trend Micro ServerProtect for Windows 5.58
References
- BugTraq: 25395
- BugTraq: 22639
- CVE: CVE-2007-1070
- CVE: CVE-2007-4218
- URL: http://www.kb.cert.org/vuls/id/349393
- URL: http://www.securityfocus.com/archive/1/archive/1/460690/100/0/threaded