TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
Software Opera Web Browser versions prior to 9.60 are vulnerable to a remote code execution vulnerability in the
handling of addresses and Java applets. A specially crafted address used in a redirection can result in a buffer
overflow. The issue occurs when the browser handles a specially crafted URI with an overly long username part, which
allows an attacker to execute arbitrary code with the privileges of the current user. Additionally, a flaw in the
handling of Java applets can result in an information-disclosure vulnerability. The vendor has provided patch details
to resolve this issue. Please see the references for further information.
Signature ID: 35684
Chilkat Crypt ActiveX Component "WriteFile()" Insecure Method Vulnerability
Threat Level: Severe
Signature Description: Chilkat Crypt ActiveX is a software component used for encrypting and decrypting both strings
and binary data. It implements symmetric encryption algorithms. It provides public-key encryption and decryption
using digital certificates, digital signature creation and verification, and encoding functionality for Base64,
quoted-printable, and hex encoding. ChilkatCrypt2.dll version 4.3.2.1 and prior versions are vulnerable to an arbitrary
file creation/execution vulnerability. The issue is caused by an error in the DLL, which does not restrict access to
the WriteFile() method. Attackers could exploit this to create malicious files on a vulnerable system by tricking a
user into visiting a specially crafted web page. Successful exploitation allows an attacker to execute arbitrary code.
No patch details are available as of 6 November, 2008; alternatively, the user can set the killbit for the CLSID
3352B5B9-82E8-4FFD-9EB1-1A3E60056904 to resolve this issue.
Signature ID: 35685
Chilkat Crypt ActiveX Component "WriteFile()" Insecure Method Vulnerability
Threat Level: Severe
Signature Description: Chilkat Crypt ActiveX is a software component used for encrypting and decrypting both strings
and binary data. It implements symmetric encryption algorithms. It provides public-key encryption and decryption
using digital certificates, digital signature creation and verification, and encoding functionality for Base64,
quoted-printable, and hex encoding. ChilkatCrypt2.dll version 4.3.2.1 and prior versions are vulnerable to an arbitrary
file creation/execution vulnerability. The vulnerability is caused by the ChilkatCrypt2.ChilkatCrypt2.1
(ChilkatCrypt2.dll) ActiveX control containing an insecure "WriteFile()" method. This can be exploited to write
arbitrary data to arbitrary files in the context of the currently logged-on user. Successful exploitation allows an
attacker to execute arbitrary code on the target system. No patch details are available as of 6 November, 2008;
alternatively, the user can set the killbit for the CLSID 3352B5B9-82E8-4FFD-9EB1-1A3E60056904 to resolve this issue.
This signature detects attack patterns that contain the PROGID and %uHHHH encoding.
Signature ID: 35686
2WIRE DSL Router (xslt) Denial of Service Vulnerability
Threat Level: Severe
Signature Description: A router is a computer device whose software and hardware are usually tailored to the tasks of
routing and forwarding information. Routers generally contain a specialized operating system, RAM, NVRAM, flash
memory, and one or more processors, as well as two or more network interfaces. DSL, or xDSL, is a family of
technologies that provide digital data transmission over the wires of a local telephone network. 2WIRE DSL Router
firmware versions 5.29.51, 4.25.19 and 3.7.1 are vulnerable to a denial of service attack. The DSL connection is
dropped when a request is made to /xslt with the value "%C", where 'C' is any non-alphanumeric character. No remedy
is available as of 10 November, 2008.
Signature ID: 35687
Microsoft PicturePusher (PipPPush.DLL) Cross Site File Upload Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-4493
Bugtraq: 31632
Signature Description: Microsoft Digital Image is a discontinued digital photo editing program created by Microsoft.