Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow

Added: 12/28/2007
CVE: CVE-2007-4218
BID: 25395
OSVDB: 39752

Background

Trend Micro ServerProtect is a virus scanner for servers.

Problem

A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request which is processed by the RPCFN_CMON_SetSvcImpersonateUser function in the Stcommon.dll library.

Resolution

Apply ServerProtect 5.58 Security Patch 4 or higher.

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=587
http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt

Limitations

Exploit works on Trend Micro ServerProtect 5.58 Security Patch 3.

Platforms

Windows
Windows Server 2003 SP1

Back to exploit index