TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
722
workaround set the kill-bit for the affected ActiveX control DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2. Vendor
hasn't supplied any patches as of November 2007.
Signature ID: 30458
Altnet Download Manager ADM4 ActiveX Control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-5217
Bugtraq: 25903
Signature Description: The Altnet Download Manager is a software application that speeds up file downloads. The
Altnet Download Manager ActiveX control (adm4.dll) version 4.0.0.6, which is used in the file-sharing applications
Kazaa and Grokster, is vulnerable to a stack-based buffer overflow. By persuading a victim to visit a specially-crafted
Web page that passes an overly long string to the Install() method, a remote attacker could overflow a buffer and
execute arbitrary code on the system with the privileges of the user or cause the victim's browser to crash. As a
workaround set the kill-bit for the affected Active X control DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2. Vendor
hasn't supplied any patches as of November 2007.This rule detects when vulnerable activex and shell code present.
Signature ID: 30459
Altnet Download Manager ADM4 ActiveX Control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-5217 Bugtraq: 25903
Signature Description: The Altnet Download Manager is a software application that speeds up file downloads. The
Altnet Download Manager ActiveX control (adm4.dll) version 4.0.0.6, which is used in the file-sharing applications
Kazaa and Grokster, is vulnerable to a stack-based buffer overflow. By persuading a victim to visit a specially-crafted
Web page that passes an overly long string to the Install() method, a remote attacker could overflow a buffer and
execute arbitrary code on the system with the privileges of the user or cause the victim's browser to crash. This Rule
Hits when attack pattern consists of shell code in percentile encoding format. As a workaround set the kill-bit for the
affected ActiveX control DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2. Vendor hasn't supplied any patches as of
November 2007.
Signature ID: 30460
Altnet Download Manager ADM4 ActiveX Control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-5217
Bugtraq: 25903
Signature Description: This rule hits when HTTP Response consists of vulnerable activex and with %encoded
characters.The Altnet Download Manager is a software application that speeds up file downloads. The Altnet
Download Manager ActiveX control (adm4.dll) version 4.0.0.6, which is used in the file-sharing applications Kazaa
and Grokster, is vulnerable to a stack-based buffer overflow. By persuading a victim to visit a specially-crafted Web
page that passes an overly long string to the Install() method, a remote attacker could overflow a buffer and execute
arbitrary code on the system with the privileges of the user or cause the victim's browser to crash. This rule hits when
shellcode is present in the attack pattern. As a workaround set the kill-bit for the affected ActiveX control DEF37997-
D9C9-4A4B-BF3C-88F99EACEEC2. Vendor hasn't supplied any patches as of November 2007.
Signature ID: 30461
Altnet Download Manager ADM4 ActiveX Control Access Using Unicode
Threat Level: Severe
Industry ID: CVE-2007-5217
Bugtraq: 25903
Signature Description: This rule hits when http response consists of vulnerable activex and with shell code.The Altnet
Download Manager is a software application that speeds up file downloads. The Altnet Download Manager ActiveX
control (adm4.dll) version 4.0.0.6, which is used in the file-sharing applications Kazaa and Grokster, is vulnerable to a
stack-based buffer overflow. By persuading a victim to visit a specially-crafted Web page that passes an overly long