ProCurve TMS zl Module IPS/IDS Signature Reference Guide, Version RLX.10.2.2.94
cookie-based authentication credentials or possibly obtain other sensitive information. This vulnerability only affects users running Firefox. In Adobe versions prior to 6, this vulnerability could allow remote code execution.
Signature ID: 32685
HTTP Winamp Malformed Playlist File Handling Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2006-0476 Bugtraq: 16410
Signature Description: Winamp is a media player for Microsoft Windows systems. It can play various types of media files, such as MP3s. Winamp was created by Nullsoft, which has been acquired by America Online. A playlist (.PLS or .M3U) file is a text file that contains links to other media files to play. Winamp supports the use of playlist files. Winamp contains a buffer overflow when it processes a playlist that has a large File parameter. A remote unauthenticated attacker may be able to execute arbitrary code by convincing a user to open a specially crafted playlist. This can be achieved by creating a specially crafted web page or other HTML document that may launch Winamp without any user interaction.
Signature ID: 32686
Novell Groupwise WebAccess GWINTER.EXE Overflow
Threat Level: Severe
Industry ID: CVE-2007-2171 Bugtraq: 23556
Signature Description: Novell GroupWise WebAccess is vulnerable to a stack-based buffer overflow in the base64_decode function, caused by improper handling of an HTTP Basic authentication request by GWINTER.exe in Novell GroupWise (GW) WebAccess. By sending at least 336 bytes of data content in an HTTP Basic Authentication request, a remote attacker could overflow a buffer and execute arbitrary code on the system. This rule hits when attack traffic is flowing towards the destination port 7205.
Signature ID: 32687
FTP MS IE WinINet.DLL FTP Response Parsing Memory Corruption
Threat Level: Severe
Industry ID: CVE-2007-0217 Bugtraq: 22489
Signature Description: Microsoft Internet Explorer contains an unspecified vulnerability that could be exploited when it attempts to interpret responses from FTP servers. The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption. According to Microsoft Security Bulletin MS07-016, when Internet Explorer handles specially crafted FTP server responses, it may corrupt system memory in such a way that an attacker could execute arbitrary code.
Signature ID: 32688
HTTP Adobe PDF Reader plug-in AcroPDF.dll Resource Consumption
Threat Level: Warning
Industry ID: CVE-2005-2470 Bugtraq: 14603
Signature Description: Adobe Reader is an application that allows users to view, print, and search PDF files. Adobe Reader versions 5.1, 6.0 to 6.0.3, and 7.0 to 7.0.2 and Adobe Acrobat versions 5.0 to 5.0.5, 6.0 to 6.0.3, and 7.0 to 7.0.2 are vulnerable to a buffer overflow caused by improper bounds checking in the core application plug-in. A buffer within a core plug-in for Adobe Acrobat and Acrobat Reader can be overwritten using a specially crafted PDF document. If a remote attacker can persuade a user to access a specially crafted PDF file, that attacker may be able to execute arbitrary code or crash the Adobe Acrobat/Acrobat Reader process.