TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

741

742

743

744

745

746

747

748

749

750

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

743

'SETSYNCHRONOUS' string to TCP port 10618. The successful exploitation may allow an attacker to cause the

DataCollection service to crash. No remedy available as of October, 2008.

Signature ID: 32653

EIQnetworks Network Security Analyzer DataCollector (FWADELTA) DoS

Threat Level: Critical

Industry ID: CVE-2007-0228 Bugtraq: 21994

Signature Description: EIQnetworks SecureVue enterprise Security management(ESM) solution delivers next-

generation security information and compliance management from an integrated platform. EIQ Networks Network

Security Analyzer is a denial of service vulnerability, caused by a null pointer dereference in the DataCollection

service. This Signature will trigger when an attacker send specially-crafted data containing via a 'FWADELTA' string

to TCP port 10618. The successful exploitation may allow an attacker to cause the DataCollection service to crash. No

remedy available as of October, 2008.

Signature ID: 32654

Novell Netmail WebAdmin Buffer Overflow vulnerability

Threat Level: Critical

Industry ID: CVE-2007-1350 Bugtraq: 22857

Signature Description: Novell NetMail is an email and messenging software package developed by Novell.It is

designed to offer mail and calendaring services to large groups of users. WebAdmin is a browser based administrative

tool used to manage NetMail.WebAdmin (webadmin.exe) contains a buffer overflow vulnerability.By sending a

specially-crafted authentication request with an overly long username to TCP port 89,an attacker may be able to trigger

the overflow the WebAdmin interface on a vulnerable system. This signature detects attack traffic in a POST request.

Signature ID: 32655

Novell Netmail WebAdmin Buffer Overflow

Threat Level: Severe

Industry ID: CVE-2007-1350 Bugtraq: 22857

Signature Description: Novell NetMail is an email and messenging software package developed by Novell.It is

designed to offer mail and calendaring services to large groups of users. WebAdmin is a browser based administrative

tool used to manage NetMail.WebAdmin (webadmin.exe) contains a buffer overflow vulnerability.By sending a

specially-crafted authentication request with an overly long username to TCP port 89,an attacker may be able to trigger

the overflow the WebAdmin interface on a vulnerable system. This signature detects attack traffic in a GET request.

Signature ID: 32657

HTTP Microsoft Visual C++ Resource File Buffer Overflow 1

Threat Level: Severe

Industry ID: CVE-2007-0468

Bugtraq: 22170

Signature Description: Microsoft Visual Studio 6.0 SP6 is vulnerable to a stack-based buffer overflow, caused by

improper bounds checking by the RCDLL.DLL module. By creating a specially-crafted .rc resource file with an overly

long TYPELIB MOVEABLE PURE filename field, a remote attacker could overflow a buffer and execute arbitrary

code on the system or cause the application to crash, if the attacker could persuade the victim to open, compile, or run

the malicious .rc file. Exploit attempts of this vulnerability are detected using a combination of two signatures. This is

the second signature and generates a log message.

Signature ID: 32658

Oracle Rapid Install Web Server Secondary Login Page CSS

Threat Level: Severe

Industry ID: CVE-2007-3553

Bugtraq: 24697