| Vulnerability Name: | CVE-2005-1929 (CCN-23600) |
| Assigned: | 2005-12-14 |
| Published: | 2005-12-14 |
| Updated: | 2011-03-07 |
| Summary: | Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. Note: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product. |
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) |
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) |
| Vulnerability Type: | CWE-119 |
| Vulnerability Consequences: | Gain Access |
| References: | Source: MITRE Type: CNA CVE-2005-1929 |
| | Source: FULLDISC Type: UNKNOWN 20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability |
| | Source: FULLDISC Type: UNKNOWN 20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability |
| | Source: CCN Type: SA18038 Trend Micro ServerProtect Multiple Vulnerabilities |
| | Source: SECUNIA Type: Vendor Advisory 18038 |
| | Source: SREASON Type: UNKNOWN 256 |
| | Source: SREASON Type: UNKNOWN 257 |
| | Source: CCN Type: SECTRACK ID: 1015358 Trend Micro ServerProtect Buffer Overflows and Other Bugs Permit Remote Code Execution, Denial of Service, and File Disclosure |
| | Source: SECTRACK Type: UNKNOWN 1015358 |
| | Source: IDEFENSE Type: Vendor Advisory 20051214 Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow |
| | Source: CCN Type: iDEFENSE Security Advisory 12.14.05 Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability |
| | Source: OSVDB Type: UNKNOWN 21771 |
| | Source: OSVDB Type: UNKNOWN 21772 |
| | Source: CCN Type: OSVDB ID: 21771 Trend Micro ServerProtect isaNVWRequest.dll POST Request Remote Overflow |
| | Source: CCN Type: OSVDB ID: 21772 Trend Micro ServerProtect relay.dll POST Request Remote Overflow |
| | Source: BID Type: UNKNOWN 15865 |
| | Source: CCN Type: BID-15865 Trend Micro ServerProtect ISANVWRequest Heap Overflow Vulnerability |
| | Source: BID Type: UNKNOWN 15866 |
| | Source: CCN Type: BID-15866 Trend Micro ServerProtect Relay Heap Overflow Vulnerability |
| | Source: CCN Type: Trend Micro Web site ServerProtect for Microsoft Windows/Novell NetWare |
| | Source: VUPEN Type: Vendor Advisory ADV-2005-2907 |
| | Source: XF Type: UNKNOWN serverprotect-relay-bo(23600) |
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable |
| Vulnerability Name: | CVE-2005-1929 (CCN-23602) |
| Assigned: | 2005-12-14 |
| Published: | 2005-12-14 |
| Updated: | 2011-03-07 |
| Summary: | Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. Note: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product. |
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) |
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) |
| Vulnerability Type: | CWE-119 |
| Vulnerability Consequences: | Gain Access |
| References: | Source: MITRE Type: CNA CVE-2005-1929 |
| | Source: CCN Type: SA18038 Trend Micro ServerProtect Multiple Vulnerabilities |
| | Source: CCN Type: SECTRACK ID: 1015358 Trend Micro ServerProtect Buffer Overflows and Other Bugs Permit Remote Code Execution, Denial of Service, and File Disclosure |
| | Source: CCN Type: iDEFENSE Security Advisory 12.14.05 Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow |
| | Source: CCN Type: OSVDB ID: 21771 Trend Micro ServerProtect isaNVWRequest.dll POST Request Remote Overflow |
| | Source: CCN Type: OSVDB ID: 21772 Trend Micro ServerProtect relay.dll POST Request Remote Overflow |
| | Source: CCN Type: BID-15865 Trend Micro ServerProtect ISANVWRequest Heap Overflow Vulnerability |
| | Source: CCN Type: BID-15866 Trend Micro ServerProtect Relay Heap Overflow Vulnerability |
| | Source: CCN Type: Trend Micro Web site ServerProtect for Microsoft Windows/Novell NetWare |
| | Source: XF Type: UNKNOWN serverprotect-isanvwrequest-bo(23602) |