---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_inspector/ The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ---------------------------------------------------------------------- TITLE: Trend Micro ServerProtect Two Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA25186 VERIFY ADVISORY: http://secunia.com/advisories/25186/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From local network SOFTWARE: Trend Micro ServerProtect for Windows/NetWare 5.x http://secunia.com/product/1153/ DESCRIPTION: Two vulnerabilities have been reported in Trend Micro ServerProtect, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error within the EarthAgent.exe service can be exploited to cause a stack-based buffer overflow via a specially crafted RPC request to the said service (default port 3628/TCP). 2) A boundary error within the "CAgRpcClient::CreateBinding()" function in AgRpcCln.dll can be exploited to cause a stack-based buffer overflow via a specially crafted RPC request to the SpntSvc.exe service (default port 5168/TCP). Successful exploitation of the vulnerabilities allows execution of arbitrary code. The vulnerabilities reportedly affect version 5.58. SOLUTION: Apply patches. http://www.trendmicro.com/download_beta/product.asp?productid=17 PROVIDED AND/OR DISCOVERED BY: Discovered by Eric Detoisien and reported via ZDI. ORIGINAL ADVISORY: Trend Micro: http://www.trendmicro.com/download_beta/product.asp?productid=17 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-07-024.html http://www.zerodayinitiative.com/advisories/ZDI-07-025.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------