TippingPoint Security Research Team has reported some vulnerabilities in Trend Micro ServerProtect, which can be exploited by malicious people to compromise a vulnerable system.
1) A boundary error within the "CMON_NetTestConnection()" function in StCommon.dll can be exploited to cause a stack-based buffer overflow via a specially crafted RPC request to the SpntSvc.exe service (default port 5168/TCP).
2) A boundary error within the "ENG_SendEMail()" function in eng50.dll can be exploited to cause a stack-based buffer overflow via a specially crafted RPC request to the SpntSvc.exe service.
Successful exploitation of the vulnerabilities allows execution of arbitrary code with SYSTEM privileges.
The vulnerabilities are reported in the following versions:
* ServerProtect for Windows 5.58
* ServerProtect for EMC 5.58
* ServerProtect for Network Appliance Filer 5.61
* ServerProtect for Network Appliance Filer 5.62
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org