TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
exploit this vulnerability by creating a malicious Web page or an HTML e-mail message and then persuading the user
to visit the page or to view the HTML e-mail message.
Signature ID: 1426
Microsoft Internet Explorer URL Parsing Memory Corruption Vulnerability
Threat Level: Warning
Industry ID: CVE-2005-0554 Bugtraq: 13123
Signature Description: Windows Internet Explorer, commonly abbreviated to IE, is a series of graphical web browsers
developed by Microsoft and included as part of the Microsoft Windows line of operating systems. Microsoft Internet
Explorer versions 5.01, 5.5, and 6 contain a buffer overflow vulnerability in the parsing of URLs with a long
hostname component. A remote attacker could create a malicious web page that contains a URL with a hostname longer
than 256 bytes, and either host it on a Web site or send it to a victim as an HTML email. When such a link is
processed, the size of the hostname is not properly validated before it is copied into a buffer, so the buffer
overflows. Successful exploitation allows remote attackers to execute arbitrary code under the privileges of the
current user.
Signature ID: 1427
Working Resources's BadBlue HTTP Server ext.dll Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2005-0595 Bugtraq: 12673
Signature Description: BadBlue is a complete file sharing system that is simply easier and faster to use than anything
else. BadBlue is a small web server for Windows operating systems, developed by Working Resources Inc. Working
Resources Inc. BadBlue version 2.55 contains a remotely exploitable buffer overflow vulnerability. A remote attacker
could send a specially crafted HTTP request to EXT.DLL that contains an mfcisapicommand parameter of more than
250 characters. The server does not validate the user-supplied data, so a buffer overflow occurs while the request is
processed. Successful exploitation could allow remote code execution on the system with user privileges.
Signature ID: 1428
Real Networks Real Player WAV File Processing Heap Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-2005-0611 Bugtraq: 12697
Signature Description: RealNetworks RealPlayer is a multimedia application that allows users to view local and remote
audio/video content. RealPlayer 10.5 (6.0.12.1056 and earlier), 10, and 8, RealOne Player V2 and V1, and Helix Player
are vulnerable to a heap-based buffer overflow. The vulnerability is triggered when a malicious WAV file's LIST chunk
is processed. A LIST chunk stores associated information about the WAV file, such as the audio track's title, artist,
and copyright information. During processing, memory is allocated for each piece of information based on a
user-controlled length value in the LIST chunk header. This value is not verified, and the actual data is copied
byte by byte into the buffer until a NULL terminator is found. Therefore, if the actual data is larger than the
reported length value, a buffer overflow could occur during memory copy operations. Successful exploitation of this
vulnerability may execute arbitrary code with the privileges of the logged-in user or may crash the vulnerable
media player.
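The length check described for Signature 1428, as an added example that is not part of the original guide: a C routine that walks the sub-chunks of a RIFF LIST chunk and reports any text field with no NUL terminator inside its declared length. The function name `list_chunk_check` and both sample byte arrays are constructed for illustration; the layout assumed is the standard RIFF one (4-byte tag, 4-byte little-endian size, data padded to an even length).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Read a 32-bit little-endian RIFF size field. */
static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Check one RIFF LIST chunk; buf points at the "LIST" tag (hypothetical helper).
 * Returns 0 if every text field has its NUL inside the declared length,
 *         1 if a field's text runs past its declared length (overflow condition),
 *        -1 if the chunk is truncated or structurally malformed. */
int list_chunk_check(const uint8_t *buf, size_t len) {
    if (len < 12 || memcmp(buf, "LIST", 4) != 0) return -1;
    uint32_t list_size = rd_le32(buf + 4);
    if (list_size < 4 || list_size > len - 8) return -1;
    size_t end = 8 + (size_t)list_size;
    size_t off = 12;                          /* skip tag, size and list type */
    while (off < end) {
        if (end - off < 8) return -1;         /* no room for a sub-chunk header */
        uint32_t sub_size = rd_le32(buf + off + 4);
        off += 8;
        if (sub_size > end - off) return -1;  /* declared length leaves the chunk */
        /* A copy-until-NUL reader stays inside a sub_size-byte allocation
           only if the terminator lies within the declared length. */
        if (sub_size == 0 || memchr(buf + off, 0, sub_size) == NULL) return 1;
        off += sub_size;
        if ((sub_size & 1) && off < end) off++;   /* RIFF pads data to even size */
    }
    return 0;
}

/* Constructed samples: a well-formed field, and one with no NUL in its 4 declared bytes. */
static const uint8_t ok_chunk[] = {'L','I','S','T',16,0,0,0,'I','N','F','O',
                                   'I','N','A','M',4,0,0,0,'a','b','c',0};
static const uint8_t bad_chunk[] = {'L','I','S','T',20,0,0,0,'I','N','F','O',
                                    'I','A','R','T',4,0,0,0,'A','A','A','A','A','A','A',0};

int main(void) {
    return !(list_chunk_check(ok_chunk, sizeof ok_chunk) == 0 &&
             list_chunk_check(bad_chunk, sizeof bad_chunk) == 1);
}
```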
Signature ID: 1429
MySQL MaxDB Webtool HTTP UNLOCK Request Lock-Token String Stack Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2005-0684 Bugtraq: 13368, 13369
Signature Description: MySQL MaxDB is a heavy-duty, SAP-certified open source database. A web based application