Multiple Vulnerabilities in Trend Micro Products(US-CERT Current Activity:)
ServerProtectに複数のDoSを誘発する脆弱性が存在してパッチをリリースしたそうです。
Trend Micro has released updates to address several vulnerabilities in their ServerProtect, AntiSpyware, and PC-cillin Internet Security products. By sending a crafted RPC request or creating a file on the local file system with an overly long path, an attacker may be able to cause a denial-of-service condition or execute arbitrary code on an affected system.
関連URL
- Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities(Nessus)
- Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities
- Trend Micro ServerProtect RPCFN_SYNC_TASK Integer Overflow Vulnerability
- JVNVU#329735: Trend Micro ServerProtect におけるバッファオーバーフローの脆弱性
- InfoSec Handlers Diary Blog - Trend Micro management exploit payload perhaps?
- http://servicecenter.antivirus.com/tm/core/en/frame4public/advisory/index.php?selectReleaseDate=2007-08-23&debut=0#12183