|Trend Micro ServerProtect EarthAgent Remote DoS Vulnerability|
Remote exploitation of a denial of service vulnerability in Trend Micro
Inc.'s ServerProtect EarthAgent daemon allow attackers to cause the
target process to consume 100% of available CPU resources.
The problem specifically exists within ServerProtect EarthAgent in the
handling of maliciously crafted packets transmitted with the magic value
"\x21\x43\x65\x87" targeting TCP port 5005. A memory leak also occurs
with each received exploit packet allowing an attacker to exhaust all
available memory resources with repeated attack.
Successful exploitation of the described vulnerability allows
unauthenticated remote attackers to consume 100% CPU resources,
increasingly consume memory resources and potentially crash the
underlying operating system. Full CPU utilization can be achieved with a
single packet, memory consumption occurs incrementally on subsequent