{"vuid":"VU#488424","idnumber":"488424","name":"Trend Micro ServerProtect SpntSvc buffer overflow vulnerability","keywords":["Trend Micro","ServerProtect","stack buffer overflow","arbitrary code execution","AgRpcCln.dll","RPC","SpntSvc.exe","CAgRpcClient::CreateBinding"],"overview":"Trend Micro ServerProtect contains a buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system.","clean_desc":"Trend Micro ServerProtect is an anti-virus application that is designed to run on Windows-based servers. The ServerProtect architecture includes a management console, information server, and the server which has ServerProtect installed. The ServerProtect executable that runs on the server being protected by the anti-virus engine is called SpntSvc.exe. The SpntSvc component contains a stack overflow vulnerability. An attacker may be able to trigger the overflow by sending a malformed RPC request to the SpntSvc process.","impact":"A remote, unauthenticated attacker may be able to execute arbitrary code with elevated privileges, or create a denial-of-service condition.","resolution":"Update\nTrend Micro has released ServerProtect 5.58 for Windows Security Patch 3- Build 1176 to address this vulnerability.","workarounds":"Restrict Access Restricting network access to 5168/tcp to trusted hosts may mitigate this vulnerability.","sysaffected":"","thanks":"Thanks to the Zero Day Initiative for information that was used in this report. The Zero Day Initiative credits Eric DETOISIEN with discovery of this vulnerability.","author":"This document was written by Ryan Giobbi.","public":["http://www.trendmicro.com/download_beta/product.asp?productid=17","http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch3_readme.txt","http://www.zerodayinitiative.com/advisories/ZDI-07-024.html","http://secunia.com/advisories/25186/"],"cveids":["CVE-2007-2508"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2007-05-08T14:43:55Z","publicdate":"2007-05-07T00:00:00Z","datefirstpublished":"2007-05-09T18:22:59Z","dateupdated":"2007-05-14T13:33:30Z","revision":8,"vrda_d1_directreport":"0","vrda_d1_population":"2","vrda_d1_impact":"4","cam_widelyknown":"10","cam_exploitation":"0","cam_internetinfrastructure":"4","cam_population":"1","cam_impact":"8","cam_easeofexploitation":"16","cam_attackeraccessrequired":"20","cam_scorecurrent":"0.672","cam_scorecurrentwidelyknown":"1.152","cam_scorecurrentwidelyknownexploited":"2.112","ipprotocol":"TCP","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.672,"vulnote":null}