TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1000
SSL IMAP. It has full set of mailbox management features for adding, deleting, and renaming mailboxes. Chilkat
IMAP ActiveX 7.9 is vulnerable to denial of service attack. This vulnerability is caused due to function
LoadXmlEmail() which is present in ChilkatMail_v7_9.dll allows attacker to execute file which leads to Denial of
Service in IE. By persuading a victim to visit a malicious Web page, containing %u encoded shellcode data attacker
can execute the code. Administrators are advised to update the latest activeX control or alternately user can set killbit to
the clsid 126FB030-1E9E-4517-A254-430616582C50 to resolve this issue.
Signature ID: 35680
Chilkat IMAP ActiveX 7.9 Remote Denial Of Service Attack
Threat Level: Warning
Signature Description: Chilkat IMAP ActiveX is an IMAP client component that can help you read and manage folders
or emails on an IMAP server. It Supports S/MIME signed and encrypted email, multi threaded applications and also
SSL IMAP. It has full set of mailbox management features for adding, deleting, and renaming mailboxes. Chilkat
IMAP ActiveX 7.9 is vulnerable to denial of service attack. This vulnerability is caused due to function
LoadXmlEmail() which is present in ChilkatMail_v7_9.dll allows attacker to execute file which leads to Denial of
Service in IE. Administrators are advised to update the latest activeX control or alternately user can set killbit to the
clsid corresponding to the progid ChilkatMail2.ChilkatMailMan2.1 to resolve this issue. This signature detects attacks
using PROGID.
Signature ID: 35681
Chilkat IMAP ActiveX 7.9 Remote Denial Of Service Attack
Threat Level: Severe
Signature Description: Chilkat IMAP ActiveX is an IMAP client component that can help you read and manage folders
or emails on an IMAP server. It Supports S/MIME signed and encrypted email, multi threaded applications and also
SSL IMAP. It has full set of mailbox management features for adding, deleting, and renaming mailboxes. Chilkat
IMAP ActiveX 7.9 is vulnerable to denial of service attack. This vulnerability is caused due to function
LoadXmlEmail() which is present in ChilkatMail_v7_9.dll allows attacker to execute file which leads to Denial of
Service in IE. Administrators are advised to update the latest activeX control or alternately user can set killbit to the
clsid corresponding to the progid ChilkatMail2.ChilkatMailMan2.1 to resolve this issue. This signature detects attacks
using PROGID and %uHHHH encoding.
Signature ID: 35682
MetaGauge Web Server Directory Traversal Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-4421
Bugtraq: 31596
Signature Description: MetaGauge is network traffic monitoring software designed to be easy to configure and
maintain. MetaGauge monitors traffic on network devices by using SNMP to track the amount of data passed through
the interfaces. The statistics are kept in a database and then displayed in HTML and Graphs. A web server is included
but Windows built in web server can be used as well. MetaGauge versions 1.0.0.17 and 1.0.1.20 are vulnerable to
directory-traversal vulnerability. The vulnerability is caused due to MetaGauge not properly sanitizing HTTP requests
before using them. Exploiting this issue will allow an attacker to view arbitrary local files within the context of the
webserver. Exploiting this issue will allow an attacker to view arbitrary local files within the context of the webserver.
Vendor has provided patch details to resolve this issue. Please upgrade to 1.0.3.38 version or later to resolve this issue.
Signature ID: 35683
Opera Web Browser URI Redirection Remote Code Execution Vulnerability
Threat Level: Warning
Bugtraq: 31643,31631
Signature Description: Opera is a popular cross-platform web browser and suite of internet applications. Opera