Vulnerability Description
Trend Micro ServerProtect EarthAgent for Windows Management Console 5.58 and possibly earlier versions, when running with Trend Micro Control Manager 2.5 and 3.0, and Damage Cleanup Server 1.1, allows remote attackers to cause a denial of service (CPU consumption) via a flood of crafted packets with a certain "magic value" to port 5005, which also leads to a memory leak.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trend Micro | Serverprotect Earthagent | 5.58 |
Related Weaknesses (CWE)
References
- http://kb.trendmicro.com/solutions/search/main/search/solutionDetail.asp?solutio
- http://secunia.com/advisories/18038Vendor Advisory
- http://securityreason.com/securityalert/259
- http://securitytracker.com/id?1015358
- http://solutionfile.trendmicro.com/SolutionFile/25254/en/Hotfix_Readme_SPNT5_58_
- http://www.idefense.com/application/poi/display?id=356&type=vulnerabilitiesVendor Advisory
- http://www.osvdb.org/21773
- http://www.securityfocus.com/bid/15868
- http://www.vupen.com/english/advisories/2005/2907Vendor Advisory
- http://kb.trendmicro.com/solutions/search/main/search/solutionDetail.asp?solutio
- http://secunia.com/advisories/18038Vendor Advisory
- http://securityreason.com/securityalert/259
- http://securitytracker.com/id?1015358
- http://solutionfile.trendmicro.com/SolutionFile/25254/en/Hotfix_Readme_SPNT5_58_
- http://www.idefense.com/application/poi/display?id=356&type=vulnerabilitiesVendor Advisory
FAQ
What is CVE-2005-1928?
CVE-2005-1928 is a vulnerability with a CVSS score of 7.8 (HIGH). Trend Micro ServerProtect EarthAgent for Windows Management Console 5.58 and possibly earlier versions, when running with Trend Micro Control Manager 2.5 and 3.0, and Damage Cleanup Server 1.1, allows...
How severe is CVE-2005-1928?
CVE-2005-1928 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1928?
Check the references section above for vendor advisories and patch information. Affected products include: Trend Micro Serverprotect Earthagent.