Lucene search
AnonymousZDI-07-050HistorySep 07, 2007 - 12:00 a.m.
Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability
2007-09-0700:00:00
Anonymous
www.zerodayinitiative.com
9
EPSS
0.968
Percentile
99.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit this vulnerability. The specific flaw is exposed through the RPC interface bound on TCP port 5168 and defined in SpntSvc.exe with the following UUID: 25288888-bd5b-11d1-9d53-0080c83a5c2c The vulnerable function, RPCFN_SetComputerName(), is reached when the custom protocols “subcode” is set to “\x30\x00\x0a\x00”. Improper use of the MultiByteToWideChar() API results in an exploitable stack based buffer overflow.
Related
cert
cert
Trend Micro ServerProtect RPC buffer overflows
2007-08-23 00:00:00
Trend Micro ServerProtect Agent service RPC stack-buffer overflow
2007-08-23 00:00:00
saint
saint
Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow
2007-12-28 00:00:00
Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow
2007-08-23 00:00:00
Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow
2007-08-23 00:00:00
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
ZDI-07-050: Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability
2007-09-11 00:00:00
iDefense Security Advisory 08.21.07: Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities
2007-08-22 00:00:00
Trend Micro antiviral products multiple security vulnerabilities
2007-09-11 00:00:00
prion
prion
Buffer overflow
2007-08-22 23:17:00
cvelist
cvelist
CVE-2007-4218
2007-08-22 23:00:00
cve
cve
CVE-2007-4218
2007-08-22 23:17:00
nvd
nvd
CVE-2007-4218
2007-08-22 23:17:00
nessus
nessus
Trend Micro ServerProtect Multiple Remote Overflows
2007-08-22 00:00:00