Trend Micro ServerProtect SPNTSVC.EXE Multiple Stack Buffer Overflow Vulnerabilities

The following exploit is available to members of the Immunity Partner's program:

https://www.immunityinc.com/downloads/immpartners/tm_sprotect.tar

UPDATE (August 23, 2007): Symantec has confirmed that the issue affecting the 'ENG_SetRealTimeScanConfigInfo()' routine is being actively exploited in the wild. After leveraging the issue, the exploit code downloads malicious DLLs from IP address 61.129.11.73 over port 1000. Block access to this IP address at the network boundary to reduce the impact of successful attacks.

The W32.Spybot.ATZN worm is known to use this vulnerability.

The following exploit has been released.

Copyright 2010, SecurityFocus