TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1004
Signature ID: 35695
Chilkat Socket activex 2.3.1.1 Remote Arbitrary File Creation Vulnerability
Threat Level: Warning
Signature Description: The Chilkat socket library provides a high-level, easy-to-use API for TCP/IP socket
programming. It supports creating secure channels w/ SSL 2.0, SSL 3.0, and TLS 1.0. Both client-side and server-side
SSL/TLS is supported, including the use and verification of digital certificates. ChilkatSocket.dll version 2.3.1.1 is
vulnerable to data manipulation error. This vulnerability is caused due to ChilkatSocket.ChilkatSocket.1 ActiveX
component (ChilkatSocket.dll) containing the insecure "SaveLastError()" method. A remote attacker can overwrite and
corrupt arbitrary files on the system in the context of the currently logged-on user. No remedy is available as of
November 20, 2008 but alternately user can set kill bit to clsid 474FCCCD-1B89-4D34-9E09-45807F23289C
corresponding to the progid ChilkatSocket.ChilkatSocket.1 to resolve this issue.
Signature ID: 35696
Chilkat Socket activex 2.3.1.1 Remote Arbitrary File Creation Vulnerability
Threat Level: Severe
Signature Description: The Chilkat socket library provides a high-level, easy-to-use API for TCP/IP socket
programming. It supports creating secure channels w/ SSL 2.0, SSL 3.0, and TLS 1.0. Both client-side and server-side
SSL/TLS is supported, including the use and verification of digital certificates. ChilkatSocket.dll version 2.3.1.1 is
vulnerable to data manipulation error. This vulnerability is caused due to ChilkatSocket.ChilkatSocket.1 ActiveX
component (ChilkatSocket.dll) containing the insecure "SaveLastError()" method. By persuading the victim to visit a
specially crafted web page containing hex encoded shell code data, a remote attacker can overwrite and corrupt
arbitrary files on the system in the context of the currently logged-on user. No remedy is available as of November 20,
2008 but alternately user can set kill bit to clsid 474FCCCD-1B89-4D34-9E09-45807F23289C corresponding to the
progid ChilkatSocket.ChilkatSocket.1 to resolve this issue.
Signature ID: 35697
Chilkat Socket activex 2.3.1.1 Remote Arbitrary File Creation Vulnerability
Threat Level: Severe
Signature Description: The Chilkat socket library provides a high-level, easy-to-use API for TCP/IP socket
programming. It supports creating secure channels w/ SSL 2.0, SSL 3.0, and TLS 1.0. Both client-side and server-side
SSL/TLS is supported, including the use and verification of digital certificates. ChilkatSocket.dll version 2.3.1.1 is
vulnerable to data manipulation error. This vulnerability is caused due to ChilkatSocket.ChilkatSocket.1 ActiveX
component (ChilkatSocket.dll) containing the insecure "SaveLastError()" method. By persuading the victim to visit a
specially crafted web page containing %u encoded data, a remote attacker can overwrite and corrupt arbitrary files on
the system in the context of the currently logged-on user. No remedy is available as of November 20, 2008 but
alternately user can set kill bit to clsid 474FCCCD-1B89-4D34-9E09-45807F23289C corresponding to the progid
ChilkatSocket.ChilkatSocket.1 to resolve this issue.
Signature ID: 35698
Chilkat Socket activex 2.3.1.1 Remote Arbitrary File Creation Vulnerability
Threat Level: Severe
Signature Description: The Chilkat socket library provides a high-level, easy-to-use API for TCP/IP socket
programming. It supports creating secure channels w/ SSL 2.0, SSL 3.0, and TLS 1.0. Both client-side and server-side
SSL/TLS is supported, including the use and verification of digital certificates. ChilkatSocket.dll version 2.3.1.1 is
vulnerable to data manipulation error. This vulnerability is caused due to ChilkatSocket.ChilkatSocket.1 ActiveX
component (ChilkatSocket.dll) containing the insecure "SaveLastError()" method. By persuading the victim to visit a
specially crafted web page containing UTF-16 encoded exploit data, a remote attacker can overwrite and corrupt
arbitrary files on the system in the context of the currently logged-on user. No remedy is available as of November 20,