Trend Micro Warns Of Server Antivirus Flaws

Trend Micro has patched a pair of remote code execution vulnerabilities in ServerProtect, its server-based antivirus software, that could open the door for attackers to gain control over affected machines.

Both are stack-based buffer overflow bugs affecting ServerProtect For Windows version 5.58, Trend Micro said in a Tuesday advisory.

The first flaw stems from the failure of the "TmRpcSrv.dll" library to check user input before copying it to memory, Symantec said in a Deepsight Threat Management System advisory.

The bug affects the "EarthAgent.exe" daemon on TCP port 3628, and an attacker could exploit it by sending malicious code to a server with ServerProtect installed, according to Symantec.

The second vulnerability exists in the "AgRpcCln.dll" library and can be used to trigger a malicious RPC request to the "SpntSvc.exe" service, which is on TCP port 5168, Symantec said.

View: CRN

Report a problem with article
Next Article

IT Organizations: Cautious Vista Testing and Deployment

Previous Article

Silverlight To Gain Support for Opera Browser