Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Sun, 27 May 2012 23:19:42 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1412588083&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0512-advisories%2F12.14.05-4.txt%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1412588083.1338160782.1338160782.1338160782.1%3B%2B__utmz%3D32867617.1338160782.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/42310/12.14.05-4.txt http://packetstormsecurity.org/files/42310/12.14.05-4.txt http://packetstormsecurity.org/files/42310/iDEFENSE-Security-Advisory-2005-12-14.4.html Thu, 15 Dec 2005 06:52:35 GMT iDEFENSE Security Advisory 12.14.05 - Remote exploitation of a heap overflow in Trend Micro Inc.'s ServerProtect Management Console allows remote attackers to execute arbitrary code with the privileges of the underlying web server. The problem specifically exists within the relay.dll ISAPI application upon processing of large POST requests with wrapped length values. iDefense has confirmed the existence of this vulnerability in Trend Micro ServerProtect for Windows Management Console 5.58 running with Trend Micro Control Manager 2.5/3.0 and Trend Micro Damage Cleanup Server 1.1. It is suspected that earlier versions and versions for other platforms are vulnerable as well.