Lucene search

MitreCVE-2005-1928

HistoryDec 14, 2005 - 11:03 p.m.

CVE-2005-1928

2005-12-1423:03:00

CWE-399

mitre

web.nvd.nist.gov

trend micro

serverprotect

earthagent

windows

management console

denial of service

remote attack

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.032

Percentile

91.2%

JSON

Trend Micro ServerProtect EarthAgent for Windows Management Console 5.58 and possibly earlier versions, when running with Trend Micro Control Manager 2.5 and 3.0, and Damage Cleanup Server 1.1, allows remote attackers to cause a denial of service (CPU consumption) via a flood of crafted packets with a certain “magic value” to port 5005, which also leads to a memory leak.

Affected configurations

Nvd

Node

trend_microserverprotect_earthagentMatch5.58

VendorProductVersionCPE
trend_microserverprotect_earthagent5.58cpe:2.3:a:trend_micro:serverprotect_earthagent:5.58:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
trend_micro	serverprotect_earthagent	5.58	cpe:2.3:a:trend_micro:serverprotect_earthagent:5.58:::::::*

References

kb.trendmicro.com/solutions/search/main/search/solutionDetail.asp?solutionID=25254

secunia.com/advisories/18038

securityreason.com/securityalert/259

securitytracker.com/id?1015358

solutionfile.trendmicro.com/SolutionFile/25254/en/Hotfix_Readme_SPNT5_58_B1137.txt

www.idefense.com/application/poi/display?id=356&type=vulnerabilities

www.osvdb.org/21773

www.securityfocus.com/bid/15868

www.vupen.com/english/advisories/2005/2907

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.032

Percentile

91.2%

JSON

Related for CVE-2005-1928