Trend Micro ServerProtect AgRpcCln.dll Buffer Overflow

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote service is vulnerable to a remote buffer overflow attack.

Description :

The remote version of Trend Micro ServerProtect is vulnerable to a
stack overflow involving the 'wcscpy' function of the routine
'CAgRpcClient::CreateBinding' in AgRpcCln.dll library. An
unauthenticated, remote attacker may be able to leverage this issue
with specially crafted RPC requests to its SpntSvc.exe daemon to
execute arbitrary code on the remote host.

Note that by default, Trend Micro services run with LocalSystem
privileges.

See also :

http://www.zerodayinitiative.com/advisories/ZDI-07-025.html
http://seclists.org/bugtraq/2007/May/89
http://www.nessus.org/u?6b7dccdd

Solution :

Apply Security Patch 3 - Build 1176 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 25171 ()

Bugtraq ID: 23868

CVE ID: CVE-2007-2528

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now