OSVDB ID: 44318

Title: Trend Micro ServerProtect for Windows (SpntSvc.exe) StRpcSrv.dll Arbitrary Remote Code Execution

Info

Disclosure

Dec 17, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jul 27, 2007

Description

A code execution flaw exists in ServerProtect. StRpcSrv.dll exposes unspecified sub-functions via TCP port 5168 which allow full file system access. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public, Exploit Private
Disclosure: Vendor Verified
OSVDB: Security Software

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Trend Micro has released a patch to address this vulnerability.

Products

Trend Micro, Inc.

ServerProtect

5.58

References

CVE ID: 2007-6507 (see also: NVD)
Secunia Advisory ID: 26523
Bugtraq ID: 26912
Metasploit ID: 44318
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-12/0228.html
Other Advisory URL: http://securityreason.com/securityalert/3475
http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt
http://www.zerodayinitiative.com/advisories/ZDI-07-077.html

Credit

Eric Detoisien - eric.detoisienglobal-secure.fr - Global Secure

Direct URL: http://osvdb.org/44318