• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Trend Micro ServerProtect Multiple Remote Vulnerabilities

Severity: CRITICAL

Description:

Trend Micro ServerProtect is an antivirus application designed specifically for servers.

ServerProtect is prone to multiple remote vulnerabilities:

1. A remote authentication-bypass vulnerability may allow attackers administrative access to the application's RPC interface. This issue is associated with CVE-2006-5268.

2. A heap-based buffer-overflow vulnerability is present. This issue is tracked by CVE-2006-5269.

3. Three remote heap-based buffer-overflow vulnerabilities are also present. These issues are associated with CVE-2007-0072, CVE-2007-0073, and CVE-2007-0074.

4. Three remote heap-based buffer-overflow vulnerabilities are also present. These issues are tracked by CVE-2008-0012, CVE-2008-0013, and CVE-2008-0014.

Few technical details are currently available. We will update this BID as more information emerges.

Successfully exploiting the buffer-overflow issues may allow the attacker to execute arbitrary code with SYSTEM-level privileges or crash the affected application, denying service to legitimate users. Successfully exploiting the authentication-bypass vulnerability will allow the attacker administrative access to the vulnerable application.

Trend Micro ServerProtect 5.58 and 5.7 are vulnerable; additional versions may also be affected.

Affected Products:

• Trend Micro ServerProtect 5.58
• Trend Micro ServerProtect 5.58 (Security Patch 3)
• Trend Micro ServerProtect 5.7
• Trend Micro ServerProtect for Linux
• Trend Micro ServerProtect for Novell Netware
• Trend Micro ServerProtect for Windows
• Trend Micro ServerProtect for Windows 5.58

References:

• CVE: CVE-2006-5268
• CVE: CVE-2006-5269
• CVE: CVE-2007-0072
• CVE: CVE-2007-0073
• CVE: CVE-2007-0074
• CVE: CVE-2008-0012
• CVE: CVE-2008-0013
• CVE: CVE-2008-0014
• David Dewey: The Scoop on the X-Force TrendMicro Advisories
• IBM X-Force: Trend Micro ServerProtect Unauthenticated Remote Administration
• IBM X-Force: Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflow
• IBM X-Force: Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)
• IBM X-Force: Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflows (3)
• Trend Micro: Trend Micro Homepage
• US-CERT: VU#768681 - Trend Micro ServerProtect contains multiple vulnerabilities

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.