TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
402
Signature ID: 9050
Oracle Application Server Web Cache Heap Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2004-0385 Bugtraq: 9868
Signature Description: The Oracle Web Cache is useful for caching static and dynamic content generated from Oracle
Application web servers thus reducing the bandwidth usage, server load. The Oracle9i Application Server Web Cache
versions 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 are vulnerable to a heap-based buffer overflow attack. The
vulnerability exists in the code that processes HTTP requests. By supplying an overly long HTTP Request Method
headers COPY, DELETE, GET, HEAD and LOCK an attacker could execute arbitrary code with privileges of the
vulnerable process. Oracle has released a patch to address this vulnerability that is listed in Oracle Security Alert #66.
Signature ID: 9051
Oracle Application Server Web Cache Heap Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2004-0385 Bugtraq: 9868 Nessus: 12126
Signature Description: The Oracle Web Cache is useful for caching static and dynamic content generated from Oracle
Application web servers thus reducing the bandwidth usage, server load. The Oracle9i Application Server Web Cache
versions 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 are vulnerable to a heap-based buffer overflow attack. The
vulnerability exists in the code that processes HTTP requests. By supplying an overly long HTTP Request Method
headers MKCOL, MOVE, POST, PUT and TRACE an attacker could execute arbitrary code with privileges of the
vulnerable process. Oracle has released a patch to address this vulnerability that is listed in Oracle Security Alert #66.
Signature ID: 9060
Ethereal RADIUS dissector buffer overflow vulnerability
Threat Level: Information
Industry ID: CVE-2005-0699 Bugtraq: 12759
Signature Description: Ethereal is a free packet sniffer computer application. It is used for network troubleshooting,
analysis, software and communications protocol development, and education. A remote buffer-overflow vulnerability
reportedly affects Ethereal 0.10.9 and earlier because it fails to securely copy network-derived data into sensitive
process buffers. The specific issue resides in the 'dissect_a11_radius' function in the CDMA A11 (3G-A11) dissector-
'packet-3g-a11.c'. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that
activated the vulnerable application. This signature detects attacks in RADIUS authentication packets.
Signature ID: 9061
Ethereal RADIUS dissector buffer overflow vulnerability
Threat Level: Information
Industry ID: CVE-2005-0699 Bugtraq: 12759
Signature Description: Ethereal is a free packet sniffer computer application. It is used for network troubleshooting,
analysis, software and communications protocol development, and education. A remote buffer-overflow vulnerability
reportedly affects Ethereal 0.10.9 and earlier because it fails to securely copy network-derived data into sensitive
process buffers. The specific issue resides in the 'dissect_a11_radius' function in the CDMA A11 (3G-A11) dissector-
'packet-3g-a11.c'. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that
activated the vulnerable application. This signature detects attacks using MSID field in RADIUS packets.
Signature ID: 9062
Ethereal RADIUS dissector buffer overflow vulnerability
Threat Level: Information
Industry ID: CVE-2005-0699 Bugtraq: 12759