From Secunia:
Description:
Two vulnerabilities have been reported in Trend Micro ServerProtect, which can be exploited by malicious people to compromise a vulnerable system.1) A boundary error within the EarthAgent.exe service can be exploited to cause a stack-based buffer overflow via a specially crafted RPC request to the said service (default port 3628/TCP).
2) A boundary error within the “CAgRpcClient::CreateBinding()” function in AgRpcCln.dll can be exploited to cause a stack-based buffer overflow via a specially crafted RPC request to the SpntSvc.exe service (default port 5168/TCP).
Successful exploitation of the vulnerabilities allows execution of arbitrary code.
The vulnerabilities reportedly affect version 5.58.
Solution:
Apply patches.
http://www.trendmicro.com/download_beta/product.asp?productid=17
UPDATE: Turns out there may be active exploitation of this one underway.
Tags: Trend Micro Vulnerability, Buffer Overflows, Security Advisory
