Trend Micro ServerProtect Multiple Remote Overflows

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

It is possible to execute code on the remote host through the
AntiVirus Agent.

Description :

The remote version of Trend Micro ServerProtect is vulnerable to
multiple buffer overflows in the RPC interface. By sending specially
crafted requests to the remote host, an attacker may be able to
exploit those overflows and execute arbitrary code on the remote host
with SYSTEM privileges.

See also :

http://www.nessus.org/u?ad66593b
http://www.nessus.org/u?4e9da692
http://www.trendmicro.com/download/product.asp?productid=17

Solution :

Trend Micro has released a patch for ServerProtect for
Windows / NetWare.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 25925 ()

Bugtraq ID: 25395
25396
25595

CVE ID: CVE-2007-4218
CVE-2007-4219
CVE-2007-4731

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now