Published:2017/09/20 Last Updated:2017/09/20
JVNVU#93240386
Multiple vulnerabilities in ServerProtect for Linux
Overview
ServerProtect for Linux provided by Trend Micro Incorporated contains multiple vulnerabilities.
Products Affected
- ServerProtect for Linux prior to Version 3.0 CP 1531
Description
ServerProtect for Linux provided by Trend Micro Incorporated contains multiple vulnerabilities.
Impact
A successful man-in-the-middle attack may cause a specially crafted file prepared by an attacker being downloaded and executed. As a result, arbitrary code may be executed.
Solution
Apply the Patch
Apply the patch according to the information provided by the developer.
The developer has released ServerProtect for Linux Version 3.0 CP 1531 to address this vulnerability.
Vendor Status
| Vendor | Link |
| Trend Micro Incorporated | SECURITY BULLETIN: Trend Micro ServerProtect for Linux 3.0 Multiple Vulnerabilities |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
Trend Micro Incorporated and JPCERT/CC coordinated.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2017-9032 |
|
CVE-2017-9033 |
|
|
CVE-2017-9034 |
|
|
CVE-2017-9035 |
|
|
CVE-2017-9036 |
|
|
CVE-2017-9037 |
|
| JVN iPedia |