TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1015
Signature ID: 35842
Synactis ALL In-The-Box ActiveX Control Arbitrary File Overwrite Vulnerability
Threat Level: Severe
Industry ID: CVE-2009-0465
Bugtraq: 33535
Signature Description: Synactis ALL In-The-Box is a development tool for creating, viewing, printing and documents
programmatically. It is very Powerful and easy to use. It produces documents by assembling objects and data supplied
by the Developer. It doesn't use any printer driver or any third-party software. All_In_The_Box.ocx version 3.1.2.0 is
vulnerable to arbitrary file overwrite vulnerability. The vulnerability is caused due to the All_In_The_Box.AllBox
ActiveX control (All_In_The_Box.ocx) providing the insecure "SaveDoc()" method. This can be exploited to overwrite
arbitrary files on the system via a filename terminated by a NULL byte, which bypasses the intended .box filename
extension. Successful exploitation allows execution of arbitrary code. No patch details are available to resolve this
issue.
Signature ID: 35844
Microsoft Internet Explorer Uninitialized Memory Remote Code Execution Vulnerability
Threat Level: Critical
Industry ID: CVE-2009-0075 Bugtraq: 33623
Signature Description: Windows Internet Explorer 7 is a web browser released by Microsoft in October 2006. Internet
Explorer 7 is part of a long line of versions of Internet Explorer and was the first major update to the browser in over 5
years. It ships as the default browser in Windows Vista and Windows Server 2008 and is offered as a replacement for
Internet Explorer 6 for Windows XP and Windows Server 2003. IE 7 is vulnerable to memory corruption vulnerability.
It does not properly handle errors during attempted access to deleted objects. When an object is appended and deleted
in a specific order memory corruption occurs which allows remote attackers to execute arbitrary code via a crafted
HTML document, related to CFunctionPointer and the appending of document objects, causing Uninitialized Memory
Corruption Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on vulnerable
installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target
must visit a malicious page. Successful exploitation leads to remote compromise of the affected system under the
credentials of the currently logged in user. Patch details are available to resolve this issue.
Signature ID: 35846
Huawei E960 HSDPA Router SMS Inbox View HTML Injection Vulnerability
Threat Level: Severe
Bugtraq: 33866
Signature Description: Huawei E960 HSDPA is a Router which supports two working modes of the wireless gateway
and USB modem, Web-based management, parameter presetting, and plug-and-play. Huawei E960 HSDPA Router
(firmware version 246.11.04.11.110sp04) is vulnerable to XSS attack. One of the feature of this router is the ability to
send and receive SMS through its web interface. The SMS text is presented unescaped/unfiltered on the inbox view,
and an attacker can craft malicious short messages to gain control over victims router. The first 32 characters of every
incoming SMS is presented in unescaped form in the inbox view. The 32 characters limit can be overcome by using
several messages, and inserting javascript comment to merge the current message with the next one. Due to this an
attacker can get victim's PPP password by accessing /js/connection.js, disconnect victim's internet connection, send
SMS with victim's router and gain access to victim's WIFI password. No remedy is available to resolve this issue.
Signature ID: 35847
Microsoft IIS ASP Remote Code Execution Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0075 Bugtraq: 27676
Signature Description: Internet Information Services (IIS) is a powerful Web server that provides a highly reliable,
manageable, and scalable Web application infrastructure for all versions of Windows Server 2003. IIS helps