Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Serverprotect
(Trend_micro)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 25 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2007-08-22 | CVE-2007-4490 | Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Security Patch 4 allow remote attackers to have an unknown impact via certain RPC function calls to (1) RPCFN_EVENTBACK_DoHotFix or (2) CMD_CHANGE_AGENT_REGISTER_INFO. | Serverprotect | N/A | ||
| 2007-08-22 | CVE-2007-4219 | Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5168, which triggers a heap-based buffer overflow. | Serverprotect | N/A | ||
| 2007-08-22 | CVE-2007-4218 | Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b)... | Serverprotect | N/A | ||
| 2007-05-08 | CVE-2007-2533 | Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll. | Serverprotect | N/A | ||
| 2007-05-08 | CVE-2007-2528 | Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508. | Serverprotect | N/A | ||
| 2007-05-08 | CVE-2007-2508 | Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll. | Serverprotect | N/A | ||
| 2007-03-02 | CVE-2007-1169 | The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network. | Serverprotect | N/A | ||
| 2007-03-02 | CVE-2007-1168 | Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp). | Serverprotect | N/A | ||
| 2007-02-21 | CVE-2007-1070 | Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll. | Serverprotect | N/A | ||
| 2007-02-08 | CVE-2007-0851 | Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable. | Client\-Server\-Messaging_suite_smb, Client\-Server_suite_smb, Control_manager, Interscan_emanager, Interscan_messaging_security_suite, Interscan_viruswall, Interscan_viruswall_for_windows_nt, Interscan_viruswall_scan_engine, Interscan_web_security_suite, Interscan_webmanager, Interscan_webprotect, Officescan, Pc\-Cillin, Pc\-Cillin_internet_security, Pc_cillin_\-_internet_security_2006, Portalprotect, Scanmail, Scanmail_emanager, Scanning_engine, Serverprotect, Viruswall, Web_security_suite, Webprotect | N/A |