CVE-2005-1929: Buffer Overflow
First published: Wed Dec 14 2005(Updated: )
Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trend Micro ServerProtect for Windows | <=5.58 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html
- http://secunia.com/advisories/18038
- http://securityreason.com/securityalert/256
- http://securityreason.com/securityalert/257
- http://securitytracker.com/id?1015358
- http://www.idefense.com/application/poi/display?id=353&type=vulnerabilities
- http://www.osvdb.org/21771
- http://www.osvdb.org/21772
- http://www.securityfocus.com/bid/15865
- http://www.securityfocus.com/bid/15866
- http://www.vupen.com/english/advisories/2005/2907
Frequently Asked Questions
What is the severity of CVE-2005-1929?
CVE-2005-1929 is classified as critical due to the potential for remote code execution by attackers.
How do I fix CVE-2005-1929?
To fix CVE-2005-1929, update Trend Micro ServerProtect to version 5.59 or later.
What types of attacks are associated with CVE-2005-1929?
CVE-2005-1929 is associated with remote code execution attacks utilizing heap-based buffer overflows.
Which versions of Trend Micro ServerProtect are affected by CVE-2005-1929?
Trend Micro ServerProtect Management Console versions 5.58 and earlier are affected by CVE-2005-1929.
Is user interaction required for exploitation of CVE-2005-1929?
No, exploitation of CVE-2005-1929 can occur remotely without user interaction.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/trend micro
- product/serverprotect
- canonical/trend micro serverprotect
- agent/weakness
- canonical/trend micro serverprotect for windows
- version/trend micro serverprotect for windows/5.58