CVE-2007-2508 - OpenCVE

Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Trend Micro	Serverprotect

Configuration 1 [-]

cpe:2.3:a:trend_micro:serverprotect:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://osvdb.org/35789
http://osvdb.org/35790
http://secunia.com/advisories/25186
http://securitytracker.com/id?1018010
http://www.kb.cert.org/vuls/id/488424
http://www.kb.cert.org/vuls/id/515616
http://www.securityfocus.com/archive/1/467932/100/0/threaded
http://www.securityfocus.com/archive/1/467933/100/0/threaded
http://www.securityfocus.com/bid/23866
http://www.securityfocus.com/bid/23868
http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt
http://www.vupen.com/english/advisories/2007/1689
http://www.zerodayinitiative.com/advisories/ZDI-07-024.html
http://www.zerodayinitiative.com/advisories/ZDI-07-025.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/34162
https://exchange.xforce.ibmcloud.com/vulnerabilities/34163

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-05-08T23:00:00

Updated: 2024-08-07T13:42:33.395Z

Reserved: 2007-05-07T00:00:00

Link: CVE-2007-2508

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-05-08T23:19:00.000

Modified: 2018-10-16T16:44:16.587

Link: CVE-2007-2508

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-05-07T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2007-1689", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1689"}, {"name": "serverprotect-earthagent-bo(34163)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"}, {"name": "35790", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/35790"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"}, {"name": "20070507 ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"}, {"name": "VU#515616", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/515616"}, {"name": "23868", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23868"}, {"name": "20070507 ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"}, {"name": "23866", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23866"}, {"name": "serverprotect-agrpccln-bo(34162)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"}, {"name": "1018010", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018010"}, {"name": "25186", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25186"}, {"name": "35789", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/35789"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"}, {"name": "VU#488424", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/488424"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2508", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2007-1689", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1689"}, {"name": "serverprotect-earthagent-bo(34163)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"}, {"name": "35790", "refsource": "OSVDB", "url": "http://osvdb.org/35790"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"}, {"name": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt", "refsource": "CONFIRM", "url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"}, {"name": "20070507 ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"}, {"name": "VU#515616", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/515616"}, {"name": "23868", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23868"}, {"name": "20070507 ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"}, {"name": "23866", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23866"}, {"name": "serverprotect-agrpccln-bo(34162)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"}, {"name": "1018010", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018010"}, {"name": "25186", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25186"}, {"name": "35789", "refsource": "OSVDB", "url": "http://osvdb.org/35789"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"}, {"name": "VU#488424", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/488424"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:42:33.395Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2007-1689", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1689"}, {"name": "serverprotect-earthagent-bo(34163)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"}, {"name": "35790", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/35790"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"}, {"name": "20070507 ZDI-07-024: Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"}, {"name": "VU#515616", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/515616"}, {"name": "23868", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23868"}, {"name": "20070507 ZDI-07-025: Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"}, {"name": "23866", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23866"}, {"name": "serverprotect-agrpccln-bo(34162)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"}, {"name": "1018010", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1018010"}, {"name": "25186", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25186"}, {"name": "35789", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/35789"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"}, {"name": "VU#488424", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/488424"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2508", "datePublished": "2007-05-08T23:00:00", "dateReserved": "2007-05-07T00:00:00", "dateUpdated": "2024-08-07T13:42:33.395Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trend_micro:serverprotect:*:*:*:*:*:*:*:*", "matchCriteriaId": "49B34BBC-D48A-48F7-B30E-0FDAB21E2631", "versionEndIncluding": "5.58", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en la regi\u00f3n?? stack de la memoria en Trend Micro ServerProtect versi\u00f3n 5.58 anterior al parche de seguridad 2 Build 1174, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de datos creados para (1) el puerto TCP 5168, que desencadena un desbordamiento en la funci\u00f3n CAgRpcClient::CreateBinding en AgRpcCln. en la biblioteca DLL en el archivo SpntSvc.exe; o (2) el puerto TCP 3628, que activa un desbordamiento en el archivo EarthAgent.exe. NOTA: ambos problemas son accesibles por medio de la biblioteca TmRpcSrv.dll."}], "id": "CVE-2007-2508", "lastModified": "2018-10-16T16:44:16.587", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-05-08T23:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/35789"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/35790"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25186"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://securitytracker.com/id?1018010"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/488424"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/515616"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/467932/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/467933/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/23866"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/23868"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch2_readme.txt"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1689"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-024.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-025.html"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34162"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34163"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}