Trend Micro ServerProtect heap buffer overflow 1 (MSRPC_AV_Heap_Overflow)

About this signature or vulnerability

Proventia Network IPS, RealSecure Desktop, Proventia Network IDS, Proventia Desktop, Proventia-G 1.1 and earlier, IBM Security Server Protection for Windows, Proventia Network MFS, RealSecure Server Sensor, RealSecure Network, BlackICE PC Protection, BlackICE Server Protection, Virtual Server Protection for VMware, Proventia Server IPS for Linux technology:

This signature detects a malicious RPC (remote procedure call) packet that can cause a heap overflow in Trend Micro ServerProtect, possibly leading to remote execution of attacker-specified code.

This signature detects a heap overflow using RPC.


Default risk level

High

Sensors that have this signature

Proventia Network IPS: XPU 1.95, RealSecure Desktop: eqb, Proventia Network IDS: XPU 24.56, Proventia Desktop: 1960, Proventia-G 1.1 and earlier: XPU 24.56, IBM Security Server Protection for Windows: 2.1.14.2400, IBM Security Server Protection for Windows: 1.0.914.1960, Proventia Network MFS: XPU 1.95, RealSecure Server Sensor: XPU 24.56, RealSecure Network: XPU 24.56, BlackICE PC Protection: 3.6cqb, BlackICE Server Protection: 3.6.cqb, Virtual Server Protection for VMware: 1.0, Proventia Server IPS for Linux technology: 1.95

Systems affected

Trend Micro ServerProtect: 5.58, Trend Micro ServerProtect: 5.7

Type

Unauthorized Access Attempt

Vulnerability description

Trend Micro ServerProtect is vulnerable to a heap-based buffer overflow. A remote attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the system with SYSTEM privileges.

How to remove this vulnerability

No remedy available as of July 9, 2011.

References

IBM Internet Security Systems Protection Advisory November 11, 2008
Trend Micro ServerProtect [PROCEDURE NAME REDACTED] Heap Overflow
http://www.iss.net/threats/308.html

ISS X-Force
Trend Micro ServerProtect heap buffer overflow 1
http://www.iss.net/security_center/static/31113.php

CVE
CVE-2006-5269
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5269