Trend Micro: [Vulnerability Response] Buffer overflow in ServerProtect

by Vitaly Popovich [Published on 21 Feb. 2007 / Last Updated on 21 Feb. 2007]

Solution ID:

1034290A recent system upgrade added a '1' or '2' to old solution IDs. You find these solutions by removing or retaining the extra '1' or '2'.

Product:

ServerProtect for Microsoft Windows - 5.58, ServerProtect for Network Appliance Filer - 5.61, ServerProtect for EMC Celerra - 5.58

Operating System:

Windows 2000 Professional Edition - SP4, Windows 2000 Server - SP4, Windows Server 2003 Datacenter Edition, Windows Server 2003 Enterprise Edition, Windows Server 2003 Standard Edition

Published:

2/19/07 9:41 PM

Problem:

A flaw in the "CMON_NetTestConnection()" routine in StCommon.dll may allow attackers to execute arbitrary codes on the application.

This vulnerability affects the following products:

ServerProtect for Windows 5.58

ServerProtect for EMC 5.58

ServerProtect for Network Appliance Filer 5.61

ServerProtect for Network Appliance Filer 5.62

Solution:

To address this issue on ServerProtect for Windows 5.58, download Security Patch 1- Build 1171 (English).

More security patches may be released on the following dates:

2/27/2007

ServerProtect for Windows 5.58 (Traditional Chinese)

3/05/2007

ServerProtect for Windows 5.58 (Simplified Chinese)

3/19/2007

ServerProtect for EMC 5.58 (English)

3/29/2007

ServerProtect for Network Appliance Filer 5.61 (English)

We will soon post updates about the release dates for the security patches of the following products:

ServerProtect for Windows 5.58 (Japanese)

ServerProtect for Network Appliance Filer 5.61 (Japanese)

ServerProtect for Network Appliance Filer 5.62 (Japanese)

Solution ID: 1034290
A recent system upgrade added a '1' or '2' to old solution IDs. You find these solutions by removing or retaining the extra '1' or '2'.
Product: ServerProtect for Microsoft Windows - 5.58, ServerProtect for Network Appliance Filer - 5.61, ServerProtect for EMC Celerra - 5.58
Operating System: Windows 2000 Professional Edition - SP4, Windows 2000 Server - SP4, Windows Server 2003 Datacenter Edition, Windows Server 2003 Enterprise Edition, Windows Server 2003 Standard Edition
Published: 2/19/07 9:41 PM


Problem:

A flaw in the "CMON_NetTestConnection()" routine in StCommon.dll may allow attackers to execute arbitrary codes on the application.

This vulnerability affects the following products:

ServerProtect for Windows 5.58

ServerProtect for EMC 5.58

ServerProtect for Network Appliance Filer 5.61

ServerProtect for Network Appliance Filer 5.62



Solution:

To address this issue on ServerProtect for Windows 5.58, download Security Patch 1- Build 1171 (English).

More security patches may be released on the following dates:

2/27/2007

ServerProtect for Windows 5.58 (Traditional Chinese)

3/05/2007

ServerProtect for Windows 5.58 (Simplified Chinese)

3/19/2007

ServerProtect for EMC 5.58 (English)

3/29/2007

ServerProtect for Network Appliance Filer 5.61 (English)

We will soon post updates about the release dates for the security patches of the following products:

ServerProtect for Windows 5.58 (Japanese)

ServerProtect for Network Appliance Filer 5.61 (Japanese)

ServerProtect for Network Appliance Filer 5.62 (Japanese)

Add Review or Comment

Featured Links