[Vulnerability Response] Buffer overflow in ServerProtect
 

Solution ID:

 EN-1034290

Product:

 ServerProtect for EMC Celerra - 5.58; ServerProtect for Network Appliance Filer - 5.61; ServerProtect for Microsoft Windows - 5.58
Operating System:
 Windows 2000 Server - SP4; Windows Server 2003 Datacenter Edition; Windows Server 2003 Enterprise Edition; Windows Server 2003 Standard Edition; Windows 2000 Professional Edition - SP4

Published:

 7/18/2009 2:40 AM 
 

Problem:

The following have buffer overflow issues which may allow attackers to execute arbitrary codes:

RPC call to function CMON_NetTestConnection (in module stcommon.dll)

RPC call to RPCFN_ActiveRollback (in module stcommon.dll)

RPC call to function ENG_SetRealTimeScanConfigInfo (in module eng50.dll)

RPC call to function ENG_SendEmail (in module eng50.dll)

RPC call to RPCFN_EVENTBACK_Online (in module earthagent.exe)

Function CreateBinding in AgRpcCln.dll

 

This vulnerability affects the following products:

 

ServerProtect for Windows 5.58

ServerProtect for EMC 5.58

ServerProtect for Network Appliance Filer 5.61

ServerProtect for Network Appliance Filer 5.62
 

Solution:
Public
 

To address this issue on ServerProtect for Windows 5.58, download the corresponding Security Patch:

 

Security Patch 2 - Build 1174 (English)

 

SPNT 5.58 Patch 4 (Japanese)

 

Security Patch 2 - Build 1176 (Simplified Chinese)

 

Security Patch 2 - Build 1176 (Traditional Chinese)

 

For ServerProtect for EMC Celerra 5.58, download the Quarterly Patch:

 

SPEMC 5.58 Quarterly Patch 1 (English)

 

For ServerProtect for Network Appliance Filer 5.61, download the Security Patch:

 

Security Patch 1 - Build 1069 (English)

 

For ServerProtect for Network Appliance Filer 5.62, download the Security Patch:

 

Security Patch 1 - Build 1013 (Japanese)

  
Rate this Solution
Did this article help you?
   Yes       No
Comments:
This form uses an automated system and does not provide feedback.