Trend Micro has patched a pair of remote code execution vulnerabilities in ServerProtect, its server-based antivirus software, that could open the door for attackers to gain control over affected machines.
Both are stack-based buffer overflow bugs affecting ServerProtect For Windows version 5.58, Trend Micro said in a Tuesday advisory.
The first flaw stems from the failure of the "TmRpcSrv.dll" library to check user input before copying it to memory, Symantec said in a Deepsight Threat Management System advisory.
The bug affects the "EarthAgent.exe" daemon on TCP port 3628, and an attacker could exploit it by sending malicious code to a server with ServerProtect installed, according to Symantec.
The second vulnerability exists in the "AgRpcCln.dll" library and can be used to trigger a malicious RPC request to the "SpntSvc.exe" service, which is on TCP port 5168, Symantec said.
View: CRN
Both are stack-based buffer overflow bugs affecting ServerProtect For Windows version 5.58, Trend Micro said in a Tuesday advisory.
The first flaw stems from the failure of the "TmRpcSrv.dll" library to check user input before copying it to memory, Symantec said in a Deepsight Threat Management System advisory.
The bug affects the "EarthAgent.exe" daemon on TCP port 3628, and an attacker could exploit it by sending malicious code to a server with ServerProtect installed, according to Symantec.
The second vulnerability exists in the "AgRpcCln.dll" library and can be used to trigger a malicious RPC request to the "SpntSvc.exe" service, which is on TCP port 5168, Symantec said.
View: CRN
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.