Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Informations | |||
|---|---|---|---|
| Name | CVE-2007-4218 | First vendor Publication | 2007-08-22 |
| Vendor | Cve | Last vendor Modification | 2018-10-15 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in (c) Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4218 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 33 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
| 33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 33 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
SAINT Exploits
| Description | Link |
|---|---|
| Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow | More info here |
| Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow | More info here |
| Trend Micro ServerProtect SpntSvc RPC buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 39754 | Trend Micro ServerProtect for Windows (SpntSvc.exe) Notification.dll NTF_SetP... |
| 39753 | Trend Micro ServerProtect for Windows (SpntSvc.exe) Eng50.dll Multiple Functi... |
| 39752 | Trend Micro ServerProtect for Windows (SpntSvc.exe) Stcommon.dll Multiple Fun... |
| 39751 | Trend Micro ServerProtect for Windows (SpntSvc.exe) StRpcSrv.dll Multiple Fun... |
| 39750 | Trend Micro ServerProtect for Windows Agent Service RPCFN_CopyAUSrc Function ... |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2007-08-24 | IAVM : 2007-T-0035 - Trend Micro ServerProtect Multiple Remote Code Execution Vulnerabilities Severity : Category I - VMSKEY : V0014876 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser object call attempt RuleID : 12352 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser little endian object... RuleID : 12351 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser attempt RuleID : 12350 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT v4 trend-serverprotect _SetSvcImpersonateUser attempt RuleID : 12349 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _SetSvcImpersonateUser little endian attempt RuleID : 12348 - Revision : 5 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP trend-serverprotect _SetSvcImpersonateUser attempt RuleID : 12347 - Revision : 15 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect Trent_req_num_a0030 object call attempt RuleID : 12346 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect Trent_req_num_a0030 little endian object ca... RuleID : 12345 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT v4 trend-serverprotect Trent_req_num_a0030 little endian attempt RuleID : 12344 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect Trent_req_num_a0030 attempt RuleID : 12343 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT v4 trend-serverprotect Trent_req_num_a0030 attempt RuleID : 12342 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_a0030 attempt RuleID : 12341 - Revision : 12 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect Trent_req_num_30010 little endian object ca... RuleID : 12340 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect Trent_req_num_30010 object call overflow at... RuleID : 12339 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT v4 trend-serverprotect Trent_req_num_30010 little endian overfl... RuleID : 12338 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect Trent_req_num_30010 little endian overflow ... RuleID : 12337 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect Trent_req_num_30010 overflow attempt RuleID : 12336 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_30010 overflow attempt RuleID : 12335 - Revision : 15 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _TakeActionOnAFile object call attempt RuleID : 12334 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _TakeActionOnAFile little endian object cal... RuleID : 12333 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP trend-serverprotect _TakeActionOnAFile attempt RuleID : 12332 - Revision : 12 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT v4 trend-serverprotect _TakeActionOnAFile little endian attempt RuleID : 12331 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _TakeActionOnAFile little endian attempt RuleID : 12330 - Revision : 5 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT v4 trend-serverprotect _TakeActionOnAFile attempt RuleID : 12329 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _AddTaskExportLogItem object call attempt RuleID : 12328 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _AddTaskExportLogItem little endian object ... RuleID : 12327 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP trend-serverprotect _AddTaskExportLogItem attempt RuleID : 12326 - Revision : 15 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT v4 trend-serverprotect _AddTaskExportLogItem little endian attempt RuleID : 12325 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _AddTaskExportLogItem little endian attempt RuleID : 12324 - Revision : 5 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT v4 trend-serverprotect _AddTaskExportLogItem attempt RuleID : 12323 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP trend-serverprotect-earthagent RPCFN_CopyAUSrc little end... RuleID : 12322 - Revision : 7 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP trend-serverprotect-earthagent RPCFN_CopyAUSrc object cal... RuleID : 12321 - Revision : 7 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP v4 trend-serverprotect-earthagent RPCFN_CopyAUSrc attempt RuleID : 12320 - Revision : 7 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP trend-serverprotect-earthagent RPCFN_CopyAUSrc little end... RuleID : 12319 - Revision : 7 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP v4 trend-serverprotect-earthagent RPCFN_CopyAUSrc little ... RuleID : 12318 - Revision : 7 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP trend-serverprotect-earthagent RPCFN_CopyAUSrc attempt RuleID : 12317 - Revision : 19 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig little endian object ... RuleID : 12312 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig object call attempt RuleID : 12311 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig little endian attempt RuleID : 12310 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT trend-serverprotect _SetPagerNotifyConfig attempt RuleID : 12309 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC DIRECT v4 trend-serverprotect _SetPagerNotifyConfig attempt RuleID : 12308 - Revision : 6 - Type : NETBIOS |
| 2014-01-10 | DCERPC NCACN-IP-TCP trend-serverprotect _SetPagerNotifyConfig attempt RuleID : 12307 - Revision : 15 - Type : NETBIOS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2007-08-22 | Name : It is possible to execute code on the remote host through the AntiVirus Agent. File : trendmicro_serverprotect_multiple2.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2021-05-04 12:06:13 |
|
| 2021-04-22 01:06:46 |
|
| 2020-05-23 00:20:15 |
|
| 2018-10-16 00:19:12 |
|
| 2017-07-29 12:02:26 |
|
| 2016-04-26 16:27:50 |
|
| 2014-02-17 10:41:14 |
|
| 2014-01-19 21:24:22 |
|
| 2013-11-11 12:37:44 |
|
| 2013-05-11 10:33:33 |
|
