Trend Micro Patches Serious Server AV Bug


Printer-friendly version Email this CRN article

Trend Micro has patched several vulnerabilities in its ServerProtect server antivirus application that could enable hackers to execute malicious code and commandeer affected machines.

The four remote stack based overflow flaws affect ServerProtect for Windows 5.58, ServerProtect for EMC 5.58, ServerProtect for Network Appliance Filer 5.61, and ServerProtect for Network Appliance Filer 5.62, according to a Trend Micro advisory issued Wednesday.

Pedram Amini, manager of TippingPoint's Security Research Team, discovered the vulnerabilities and says a successful exploit would result in the complete compromise of a system.

"Since this runs as a privileged user, an attacker would have full control over the system," Amini said.

Hackers could trigger the flaws by sending a specially rigged remote procedure call (RPC) to the affected application, but the potential impact is limited somewhat by the fact that this is not a service that is typically exposed outside the network, according to Amini.

Secunia said the flaw was 'moderately critical', or three on a five-point scale, while Symantec gave the bug its highest rating of 10.

For Trend Micro, this is the third serious vulnerability to be patched in the past three weeks. Last week, Trend patched a critical stack based buffer overflow vulnerability in its OfficeScan security software, and a week earlier, the Tokyo-based vendor fixed a denial-of-service flaw in the ScanEngine component that's included in nearly all of its products.

Printer-friendly version Email this CRN article