Trend Micro ServerProtect SpntSvc.exe CreateBinding buffer overflow

Added: 07/09/2007
CVE: CVE-2007-2508
BID: 23868
OSVDB: 35790

Background

Trend Micro ServerProtect is a virus scanner for servers. It includes the SpntSvc.exe daemon which listens for connections on port 5168/TCP.

Problem

A buffer overflow vulnerability in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request to the SpntSvc.exe daemon.

Resolution

Apply ServerProtect 5.58 Security Patch 3 (build 1176) or higher.

References

http://www.zerodayinitiative.com/advisories/ZDI-07-025.html

Limitations

Exploit works on Trend Micro ServerProtect 5.58 Build 1060.

Platforms

Windows

Back to exploit index