TrendMicro ServerProtect multiple security vulnerabilities

[EN] securityvulns.ru
no-pyccku

TrendMicro ServerProtect multiple security vulnerabilities
updated since 21.02.2007
Published: 21.02.2007
Source: BUGTRAQ
SecurityVulns ID: 7270
Type: remote
Level: 6/10
Description: Few stack overruns (stack-based buffer overflows) in RPC-based services (TCP/5168).

Affected: TM : ServerProtect 5.58
TM : ServerProtect 5.61
TM : ServerProtect 5.62
CVE: CVE-2007-1070 (Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.)

Original document 3COM, TSRT-07-02: Trend Micro ServerProtect eng50.dll Stack Overflow Vulnerabilities (21.02.2007)

3COM, TSRT-07-01: Trend Micro ServerProtect StCommon.dll Stack Overflow Vulnerabilities (21.02.2007)

Discuss: Read or add your comments to this news (0 comments)