TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1047
Signature ID: 38063
Opera Telnet URI Handler File Creation
Threat Level: Warning
Industry ID: CVE-2004-0473
Signature Description: Opera Software ASA's Opera Web browser is vulnerable to an attack of telnet URI handler. An
attacker can invoke telnet with a trace file name as argument by requesting an URI address to opera web browser. The
supplied trace file then can be created on the host of web browser's user. Therefore it is possible for the attacker to
create malicious file which could be harmful to the user's system.The program that is responsible for this vulnerability
is the Opera URI handler. The opera URI handler validates the URI address as well as invoked protocol's command
arguments. Assurent believes that the vulnerable function is the Opera telnet URI handler. The vulnerable parameter is
the "-n" argument in case of Linux and "-f" in case of Windows, which provides a trace file name.
Signature ID: 38065
Microsoft Outlook 2002 Script Execution
Threat Level: Severe
Industry ID: CVE-2004-0121
Signature Description: Microsoft Outlook, an email client, contains a vulnerability in the handling of a mailto: URI.
The lack of filtering of parameters passed to Outlook via the "mailto:" URI allows for script execution in the Local
Machine zone on a vulnerable system.The vulnerable program is outlook.exe, a Mail User Agent (MUA) application
developed by Microsoft Corporation that is used to read, write, send, and receive email messages.
Signature ID: 38066
Metamail Format String Vulnerabilities
Threat Level: Warning
Industry ID: CVE-2004-0104
Signature Description: Several vulnerabilities in MetaMail, a common MIME parser and application launcher for email
clients, may allow remote attackers to execute arbitrary code. These vulnerabilities include two buffer overflows and
two format-string issues. The vulnerability exists in the 'metamail' executable. Vulnerabilities exist in the functions
SaveSquirrelFile(char *) and PrintHeader(char *, int) in the source file metamail.c, as well as the
ShareThisHeader(char *, char *, char**) function in the source file splitmail.c.
Signature ID: 38067
VanDyke SecureCRT Configuration Folder Vulnerability
Threat Level: Warning
Industry ID: CVE-2004-1541
Signature Description: A vulnerability exists in the way VanDyke SecureCRT handles telnet URLs. Through the use of
a telnet URL, SecureCRT can be remotely supplied a parameter which can be used to specify an arbitrary configuration
folder; this configuration folder can reside on a remote shared resource. Because a configuration file can reference
script code, an attacker can exploit this vulnerability to execute code on the vulnerable system in the context of the
currently logged in user.The vulnerable program is SecureCRT.exe.The vulnerability resides in the function that parses
the configuration folder parameter.The vulnerability resides in the parameter /F that allows alternative configuration
folder specification.
Signature ID: 38070
Microsoft Internet Explorer HTTPS Proxy Vulnerability
Threat Level: Warning
Industry ID: CVE-2005-2830
Signature Description: An information disclosure vulnerability exists in Microsoft Internet Explorer. The vulnerability
can occur when Internet Explorer is configured to use an HTTPS proxy with Basic authentication. This flaw may be