Trend Micro Serverprotect vulnerabilities

CVE-2006-5269 [CRITICAL] CWE-119 CVE-2006-5269: Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface.

CVE-2007-0073 [CRITICAL] CWE-119 CVE-2007-0073: Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a file read operation over RPC.

CVE-2008-0013 [CRITICAL] CVE-2008-0013: Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0014.

CVE-2008-0014 [CRITICAL] CVE-2008-0014: Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013.

CVE-2008-0012 [CRITICAL] CWE-119 CVE-2008-0012: Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0013 and CVE-2008-0014.

CVE-2007-0072 [CRITICAL] CWE-119 CVE-2007-0072: Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC.

CVE-2007-0074 [CRITICAL] CWE-119 CVE-2007-0074: Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC.

CVE-2006-5268 [CRITICAL] CWE-287 CVE-2006-5268: Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execu Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining "administrative access to the RPC interface."

CVE-2007-6507 [CRITICAL] CWE-264 CVE-2007-6507: SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes u SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code.

CVE-2007-4731 [CRITICAL] CWE-119 CVE-2007-4731: Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect be Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005.

CVE-2007-4219 [CRITICAL] CWE-189 CVE-2007-4219: Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect servi Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5168, which triggers a heap-based buffer overflow.

CVE-2007-4218 [CRITICAL] CWE-20 CVE-2007-4218: Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect fo Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName

CVE-2007-4490 [CRITICAL] CVE-2007-4490: Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Sec Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Security Patch 4 allow remote attackers to have an unknown impact via certain RPC function calls to (1) RPCFN_EVENTBACK_DoHotFix or (2) CMD_CHANGE_AGENT_REGISTER_INFO.

CVE-2007-2533 [CRITICAL] CVE-2007-2533: Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allo Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll.

CVE-2007-2508 [CRITICAL] CWE-119 CVE-2007-2508: Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Buil Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an o

CVE-2007-2528 [CRITICAL] CVE-2007-2528: Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508.

CVE-2007-1168 [HIGH] CVE-2007-1168: Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attacker Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).

CVE-2007-1169 [MEDIUM] CVE-2007-1169: The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 a The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network.

CVE-2007-1070 [CRITICAL] CVE-2007-1070: Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions

CVE-2007-0851 [CRITICAL] CVE-2007-0851: Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, a Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.