TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1023
Signature Description: PHP is a general-purpose scripting language that is especially suited for web development and
can be embedded into HTML. A wrapper is additional code which tells the stream how to handle specific
protocols/encodings. The PHP, version PECL ZIP 1.8.3 and earlier and PHP 5.2.0 and 5.2.1, is a stack-based buffer
overflow vulnerability, caused by improper bounds checking by 'zip:' URLs. This issue is triggered when an attacker
sending an overly long string to the 'zip:' URL wrapper. The successful exploitation may allow an attacker to overflow
a buffer and execute arbitrary code on the system and it opens a zip file archive, reads each file in the archive and prints
out its contents. The issue is fixed in the version of PECL zip Extension (1.8.4 or later),available from the PECL web
site. The administrators are advise to update the latest version of PECL zip Extension (1.8.4 or later) for resolve the
issue.
Signature ID: 36218
Sun Java Web Start JNLP java-vm-args Heap Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-3111 Bugtraq: 30148
Signature Description: Sun Java Web Start is a utility included in the Java Runtime Environment. It enables Java
applications to launch either from a desktop or from a web page. Sun Java Web Start, version JDK and JRE 6 before
Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18, is a buffer overflow
vulnerability, caused by improper bounds checking by the GetVMArgs Option function. This issue is triggered when a
victim to download an untrusted Java Web Start application containing an overly long java-vm-args <br>value of the
'j2se' tab in XML based JNLP files. The successful exploitation may allow an <br>attacker to overflow a buffer and
execute arbitrary code on the system with privileges of <br>the victim to read and write local files, execute local
applications, or cause the affected application to crash. The issue is fixed in the versions of JDK and JRE 6 update 7,
JDK and JRE 5.0 Update 16, and SDK and JRE 1.4.2_18, which is available from vendor's web site. The
Administrators are advise to update those versions for resolve the issue.
Signature ID: 36219
Sun Java Web Start JNLP vm args Stack Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-3111 Bugtraq: 30148
Signature Description: Sun Java Web Start is a utility included in the Java Runtime Environment. It enables Java
applications to launch either from a desktop or from a web page. Sun Java Web Start, version JDK and JRE 6 before
Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18, is a buffer overflow
vulnerability, caused by improper bounds checking by the GetVMArgs Option function. This issue is triggered when a
victim to download an untrusted Java Web Start application containing an overly long initial-heap-size or max-heap-
size value of the 'j2se' tab in XML based JNLP files. The successful exploitation may allow an attacker to overflow a
buffer and execute arbitrary code on the system with privileges of the victim to read and write local files, execute local
applications, or cause the affected application to crash. The issue is fixed in the versions of JDK and JRE 6 update 7,
JDK and JRE 5.0 Update 16, and SDK and JRE 1.4.2_18, which is available from vendor's web site. The
Administrators are advise to update those versions for resolve the issue.
Signature ID: 36220
VideoLAN VLC Media Player XSPF Memory Corruption Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-4558 Bugtraq: 31758
Signature Description: VideoLAN VLC media player is an open-source, highly portable multimedia player for various
audio and video formats, as well as DVDs, VCDs, and various streaming protocols. It can also be used as a server to
stream in unicast or multicast in IPv4 or IPv6 on a high bandwidth network. VLC, version 0.9.2, is a Memory
corruption vulnerability. By persuading a victim to open a specially-crafted XSPF play list file containing a 'negative
identifier tag'. The successful exploitation may allow an attacker to execute arbitrary code on the system. The issue is