Trend Micro ServerProtect TmRpcSrv.dll RPC Request Multiple Overflows

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

It is possible to execute code on the remote host through the AntiVirus
Agent.

Description :

The remote version of Trend Micro ServerProtect is vulnerable to
multiple stack overflows in the RPC interface. By sending specially
crafted requests to the remote host, an attacker may be able to
exploit stack based overflows and execute arbitrary code on the remote
host.

See also :

http://www.nessus.org/u?0afdbfea
http://www.nessus.org/u?6212c055

Solution :

Trend Micro has released a patch for ServerProtect for Windows/NetWare:

http://www.trendmicro.com/download/product.asp?productid=17

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 24680 ()

Bugtraq ID: 22639

CVE ID: CVE-2007-1070