Vulnerabilities > CVE-2007-1070 - Unspecified vulnerability in Trend Micro Serverprotect 5.58/5.61/5.62
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 6 | |
| Application | 3 |
Exploit-Db
description Trend Micro ServerProtect 5.58 Buffer Overflow. CVE-2007-1070. Remote exploit for windows platform id EDB-ID:16827 last seen 2016-02-02 modified 2010-04-30 published 2010-04-30 reporter metasploit source https://www.exploit-db.com/download/16827/ title Trend Micro ServerProtect 5.58 - Buffer Overflow description Trend Micro ServerProtect eng50.dll Remote Stack Overflow Exploit. CVE-2007-1070. Remote exploit for windows platform id EDB-ID:4367 last seen 2016-01-31 modified 2007-09-06 published 2007-09-06 reporter devcode source https://www.exploit-db.com/download/4367/ title Trend Micro ServerProtect eng50.dll - Remote Stack Overflow Exploit
Metasploit
| description | This module exploits a buffer overflow in Trend Micro ServerProtect 5.58 Build 1060. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code. |
| id | MSF:EXPLOIT/WINDOWS/ANTIVIRUS/TRENDMICRO_SERVERPROTECT |
| last seen | 2020-01-13 |
| modified | 2017-07-24 |
| published | 2007-05-01 |
| references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1070 |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/antivirus/trendmicro_serverprotect.rb |
| title | Trend Micro ServerProtect 5.58 Buffer Overflow |
Nessus
| NASL family | Gain a shell remotely |
| NASL id | TRENDMICRO_SERVERPROTECT_MULTIPLE.NASL |
| description | The remote version of Trend Micro ServerProtect is vulnerable to multiple stack overflows in the RPC interface. By sending specially crafted requests to the remote host, an attacker may be able to exploit stack based overflows and execute arbitrary code on the remote host. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 24680 |
| published | 2007-02-21 |
| reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/24680 |
| title | Trend Micro ServerProtect TmRpcSrv.dll RPC Request Multiple Overflows |
Packetstorm
data source https://packetstormsecurity.com/files/download/59111/trendmicro-overflow.txt id PACKETSTORM:59111 last seen 2016-12-05 published 2007-09-06 reporter devcode source https://packetstormsecurity.com/files/59111/trendmicro-overflow.txt.html title trendmicro-overflow.txt data source https://packetstormsecurity.com/files/download/82973/trendmicro_serverprotect.rb.txt id PACKETSTORM:82973 last seen 2016-12-05 published 2009-11-26 reporter MC source https://packetstormsecurity.com/files/82973/Trend-Micro-ServerProtect-5.58-Buffer-Overflow.html title Trend Micro ServerProtect 5.58 Buffer Overflow
Saint
bid 22639 description Trend Micro ServerProtect CMON_ActiveUpdate buffer overflow id misc_av_trendmicro_sprotectcmon osvdb 33042 title serverprotect_cmon_activeupdate type remote bid 22639 description Trend Micro ServerProtect CMON_NetTestConnection buffer overflow id misc_av_trendmicro_sprotectcmon osvdb 33042 title serverprotect_cmon_nettestconnection type remote bid 22639 description Trend Micro ServerProtect ENG_SetRealTimeScanConfigInfo buffer overflow id misc_av_trendmicro_sprotectcmon osvdb 33042 title serverprotect_eng_setrealtime type remote bid 22639 description Trend Micro ServerProtect ENG_SendEMail buffer overflow id misc_av_trendmicro_sprotectcmon osvdb 33042 title serverprotect_eng_sendemail type remote
Seebug
bulletinFamily exploit description No description provided by source. id SSV:7233 last seen 2017-11-19 modified 2007-09-07 published 2007-09-07 reporter Root source https://www.seebug.org/vuldb/ssvid-7233 title Trend Micro ServerProtect eng50.dll Remote Stack Overflow Exploit bulletinFamily exploit description No description provided by source. id SSV:64874 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-64874 title Trend Micro ServerProtect eng50.dll - Remote Stack Overflow Exploit bulletinFamily exploit description No description provided by source. id SSV:7230 last seen 2017-11-19 modified 2007-09-06 published 2007-09-06 reporter Root source https://www.seebug.org/vuldb/ssvid-7230 title Trend Micro ServerProtect eng50.dll Stack Overflow Exploit
References
- http://www.tippingpoint.com/security/advisories/TSRT-07-01.html
- http://www.tippingpoint.com/security/advisories/TSRT-07-02.html
- http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034290
- http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch1_readme.txt
- http://www.kb.cert.org/vuls/id/349393
- http://www.kb.cert.org/vuls/id/466609
- http://www.kb.cert.org/vuls/id/630025
- http://www.kb.cert.org/vuls/id/730433
- http://www.securityfocus.com/bid/22639
- http://www.securitytracker.com/id?1017676
- http://secunia.com/advisories/24243
- http://osvdb.org/33042
- http://www.vupen.com/english/advisories/2007/0670
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32601
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32594
- http://www.securityfocus.com/archive/1/460690/100/0/threaded
- http://www.securityfocus.com/archive/1/460686/100/0/threaded