CVE-2007-1070

Trend Micro ServerProtect 5.58 Buffer Overflow

Severity Score

10.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.

Múltiples desbordamientos de búfer basado en pila en Trend Micro ServerProtect para Windows y EMC 5.58, y para Network Appliance Filer 5.61 y 5.62, permite a atacantes remotos ejecutar código de su elección a través respuestas RPC manipuladas en TmRpcSrv.dll que disparan un desbordamiento de búfer cuando se llama a las funciones (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, y (3) CMON_ActiveRollbackn en (a) StCommon.dll, y (4) ENG_SetRealTimeScanConfigInfo y (5) las funciones ENG_SendEMail en (b) eng50.dll.

*Credits: N/A

CVSS Scores

NISTv2 10.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-02-20 CVE Reserved
2007-02-20 First Exploit
2007-02-21 CVE Published
2024-03-11 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CAPEC

References (20)

URL	Tag	Source
http://osvdb.org/33042	Vdb Entry
http://secunia.com/advisories/24243	Third Party Advisory
http://www.kb.cert.org/vuls/id/349393	Third Party Advisory
http://www.kb.cert.org/vuls/id/466609	Third Party Advisory
http://www.kb.cert.org/vuls/id/630025	Third Party Advisory
http://www.kb.cert.org/vuls/id/730433	Third Party Advisory
http://www.securityfocus.com/archive/1/460686/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/460690/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/22639	Vdb Entry
http://www.securitytracker.com/id?1017676	Vdb Entry
http://www.vupen.com/english/advisories/2007/0670	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/32594	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/32601	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/4367	2007-09-06
https://www.exploit-db.com/exploits/16827	2010-04-30
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/antivirus/trendmicro_serverprotect.rb	2007-02-20

URL	Date	SRC
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290	2018-10-16

URL	Date	SRC
http://www.tippingpoint.com/security/advisories/TSRT-07-01.html	2018-10-16
http://www.tippingpoint.com/security/advisories/TSRT-07-02.html	2018-10-16
http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt	2018-10-16

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Trend Micro Search vendor "Trend Micro"	Serverprotect Search vendor "Trend Micro" for product "Serverprotect"	5.58 Search vendor "Trend Micro" for product "Serverprotect" and version "5.58"	emc	Affected	in	Microsoft Search vendor "Microsoft"	Windows 2000 Search vendor "Microsoft" for product "Windows 2000"	*	-	Safe
Trend Micro Search vendor "Trend Micro"	Serverprotect Search vendor "Trend Micro" for product "Serverprotect"	5.58 Search vendor "Trend Micro" for product "Serverprotect" and version "5.58"	emc	Affected	in	Microsoft Search vendor "Microsoft"	Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server"	r2 Search vendor "Microsoft" for product "Windows 2003 Server" and version "r2"	-	Safe
Trend Micro Search vendor "Trend Micro"	Serverprotect Search vendor "Trend Micro" for product "Serverprotect"	5.58 Search vendor "Trend Micro" for product "Serverprotect" and version "5.58"	emc	Affected	in	Microsoft Search vendor "Microsoft"	Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server"	sp2 Search vendor "Microsoft" for product "Windows 2003 Server" and version "sp2"	-	Safe
Trend Micro Search vendor "Trend Micro"	Serverprotect Search vendor "Trend Micro" for product "Serverprotect"	5.58 Search vendor "Trend Micro" for product "Serverprotect" and version "5.58"	emc	Affected	in	Microsoft Search vendor "Microsoft"	Windows Nt Search vendor "Microsoft" for product "Windows Nt"	*	-	Safe
Trend Micro Search vendor "Trend Micro"	Serverprotect Search vendor "Trend Micro" for product "Serverprotect"	5.58 Search vendor "Trend Micro" for product "Serverprotect" and version "5.58"	emc	Affected	in	Microsoft Search vendor "Microsoft"	Windows Vista Search vendor "Microsoft" for product "Windows Vista"	*	32_bit	Safe
Trend Micro Search vendor "Trend Micro"	Serverprotect Search vendor "Trend Micro" for product "Serverprotect"	5.58 Search vendor "Trend Micro" for product "Serverprotect" and version "5.58"	emc	Affected	in	Microsoft Search vendor "Microsoft"	Windows Xp Search vendor "Microsoft" for product "Windows Xp"	*	gold	Safe
Trend Micro Search vendor "Trend Micro"		Serverprotect Search vendor "Trend Micro" for product "Serverprotect"				5.58 Search vendor "Trend Micro" for product "Serverprotect" and version "5.58"		emc		Affected
Trend Micro Search vendor "Trend Micro"		Serverprotect Search vendor "Trend Micro" for product "Serverprotect"				5.61 Search vendor "Trend Micro" for product "Serverprotect" and version "5.61"		network_appliance_filer		Affected
Trend Micro Search vendor "Trend Micro"		Serverprotect Search vendor "Trend Micro" for product "Serverprotect"				5.62 Search vendor "Trend Micro" for product "Serverprotect" and version "5.62"		network_appliance_filer		Affected