> Trend Micro ServerProtect Two Buffer Overflow Vulnerabilities
> SECUNIA ADVISORY ID:
> VERIFY ADVISORY:
> Moderately critical
> System access
> From local network
> Trend Micro ServerProtect for Windows/NetWare 5.x
> Two vulnerabilities have been reported in Trend Micro ServerProtect,
> which can be exploited by malicious people to compromise a vulnerable
> 1) A boundary error within the EarthAgent.exe service can be
> exploited to cause a stack-based buffer overflow via a specially
> crafted RPC request to the said service (default port 3628/TCP).
> 2) A boundary error within the "CAgRpcClient::CreateBinding()"
> function in AgRpcCln.dll can be exploited to cause a stack-based
> buffer overflow via a specially crafted RPC request to the
> SpntSvc.exe service (default port 5168/TCP).
> Successful exploitation of the vulnerabilities allows execution of
> arbitrary code.
> The vulnerabilities reportedly affect version 5.58.
> Apply patches.
> PROVIDED AND/OR DISCOVERED BY:
> Discovered by Eric Detoisien and reported via ZDI.
> ORIGINAL ADVISORY:
> Trend Micro:
Copyright © Lexa Software, 1996-2009.