Lucene search

SAINT CorporationSAINT:09FE1D4F7B4F6A100792AA511A1E812F

HistorySep 27, 2007 - 12:00 a.m.

Trend Micro ServerProtect TMregChange buffer overflow

2007-09-2700:00:00

SAINT Corporation

my.saintcorporation.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.948

Percentile

99.3%

JSON

Added: 09/27/2007
CVE: CVE-2007-4731
OSVDB: 45878

Background

Trend Micro ServerProtect is a virus scanner for servers.

Problem

A buffer overflow vulnerability in the TMregChange function in the **TMreg.dll** library allows remote attackers to execute arbitrary commands by sending specially crafted data to port 5005/TCP.

Resolution

Apply ServerProtect 5.58 Security Patch 4.

References

<http://www.zerodayinitiative.com/advisories/ZDI-07-051.html>

Limitations

Exploit works on Trend Micro ServerProtect for Windows 5.58 Security Patch 3.

Platforms

Windows

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.948

Percentile

99.3%

JSON

Related for SAINT:09FE1D4F7B4F6A100792AA511A1E812F