TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

271

272

273

274

275

276

277

278

279

280

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

272

Signature ID: 1952

MS Internet Explorer ActiveX bgColor Property Denial of Service Vulnerability

Threat Level: Severe

Industry ID: CVE-2007-0612 Bugtraq: 22288

Signature Description: Microsoft's Internet Explorer 5.0 or above version on Windows 2000, XP, 2003 and Vista are

vulnerable to denial of service attacks. The issue is due to vulnerability in multiple ActiveX controls included in

Internet Explorer and the application fails to handle exceptional conditions. By accessing the bgColor, fgColor,

linkColor, alinkColor, and vlinkColor, or defaultCharset properties in the giffile, htmlfile, jpegfile, mhtmlfile, ODCfile,

pjpegfile, pngfile, xbmfile, xmlfile, xslfile, or wdfile objects in mshtml.dll, or the TriEditDocument.TriEditDocument

or TriEditDocument.TriEditDocument.1 objects in triedit.dll can cause a NULL pointer dereference. This vulnerability

can be exploited by a malicious web page and results in a termination of the Internet Explorer process.

Signature ID: 2002

SMTP VRFY command Vulnerability

Threat Level: Information

Industry ID: CVE-1999-0531 Nessus: 10249

Signature Description: SMTP(Simple Mail Transfer Protocol) is a TCP/IP protocol. It is used to transfer e-mail

messages between computers. Most e-mail systems that send mail over the Internet use SMTP to send messages from

one server to another. VRFY command will request that the receiving SMTP server verify that a given email user name

is valid. The SMTP server will reply with the login name of the user. If the VRFY command is enabled, the remote

attackers determine user accounts. Once they have determined a user account they can attempt to determine a password

for that account. The successful exploitation of this issue will allow an attacker to gain information or cause crash the

systems.

Signature ID: 2003

Sendmail mailing to programs attempt

Threat Level: Warning

Industry ID: CVE-1999-0163 CVE-1999-0203 Bugtraq: 2308 Nessus: 10261

Signature Description: Some SMTP servers do not complain when issued the command: MAIL FROM:

root@this_host RCPT TO: |testing. This probably means that it is possible to send mail directly to programs, which is a

serious threat, since this allows anyone to execute arbitrary command on this host. This security hole might be a false

positive, since some MTAs will not complain to this test, and instead will just drop the message silently. This rule will

triggers when an attempt is made to send pipe symbol in SMTP to header.

Signature ID: 2004

Sendmail mailing to files attempt

Threat Level: Warning

Industry ID: CVE-1999-0096

Nessus: 10259

Signature Description: Some SMTP servers do not complain when issued the Command : MAIL FROM:

root@this_host RCPT TO: /tmp/nessus_test. This probably means that it is possible to send mail directly to files, which

is a serious threat, since this allows anyone to overwrite any file on the remote server. This security hole might be a

false positive, since some MTAs will not complain to this test and will just drop the message silently. This rule will

triggers when an attempt is made to send / symbol in SMTP to header.

Signature ID: 2005

Sendmail's from |program attempt

Threat Level: Warning

Industry ID: CVE-1999-0203 CVE-1999-0163 Bugtraq: 2308 Nessus: 10258