Trend Micro ServerProtect SpntSvc RPC buffer overflow

Added: 09/21/2007
CVE: CVE-2007-4218
BID: 25395
OSVDB: 39753

Background

ServerProtect is a virus scanner for servers. The Trend Micro ServerProtect service (SpntSvc.exe) handles RPC requests on port 5168/TCP.

Problem

Buffer overflow vulnerabilities in the Trend Micro ServerProtect service allow remote attackers to execute arbitrary commands by sending a specially crafted RPC request to the service.

Resolution

Apply ServerProtect 5.58 Security Patch 4.

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=587

Limitations

Exploit works on Trend Micro ServerProtect for Windows 5.58 Patch 3.

Platforms

Windows

Back to exploit index