TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
751
By supplying a specially crafted string (rtsp:// [random] + semicolon + [299 bytes padding + payload]), an attacker
could overflow a stack-based buffer, using either HTML, Javascript or a QTL file as attack vector, leading to an
exploitable remote arbitrary code execution condition.Since QuickTime is a component of Apple iTunes, iTunes
installations are also affected by this vulnerability.We are aware of publicly available proof-of-concept code that
exploits this vulnerability.A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial of
service
Signature ID: 32698
HTTP Multiple Browser Telnet URI Handler File Manipulation Vulnerability.
Threat Level: Severe
Industry ID: CVE-2004-0411
CVE-2004-0473 Bugtraq: 10358 Nessus:
14497,14146,12499,13785,13699,13700,12620
Signature Description: K Desktop Environment (KDE) is a open-source graphical desktop environment for Unix and
Linux-based operating systems.KDE versions 3.2.2 and earlier could allow a remote attacker to gain unauthorized
access on the system.By creating a specially-crafted Telnet, rlogin, SSH (Secure Shell) or mailto URL handler
containing a dash character prior to the hostname and followed by a command option, a remote attacker could create or
overwrite files on the vulnerable system or gain unauthorized access to sensitive information, once the URL is clicked
Signature ID: 32699
HTTP Trend Micro OfficeScan Client ActiveX Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2007-0325 Bugtraq: 22585
Signature Description: The Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control contains multiple
buffer overflows, which could allow a remote attacker to execute arbitrary code on a vulnerable system.Trend Micro
OfficeScan comes with a web-based administration console that makes use of ActiveX controls.The OfficeScan Web-
Deployment SetupINICtrl ActiveX control, which is provided by the file OfficeScanSetupINI.dll, is vulnerable to
buffer overflows in multiple methods.It is reported that Client Server Messaging Security for SMB also contains the
vulnerable control.By convincing a user to view a specially crafted HTML document, an attacker may be able to
execute arbitrary code with the privileges of the user.The attacker could also cause Internet Explorer to crash
Signature ID: 32700
HTTP Yahoo Messenger URL Handler Remote DoS 1
Threat Level: Severe
Industry ID: CVE-2005-1618
Bugtraq: 13626
Signature Description: Yahoo Messenger is an online instant messaging program that allows users to send instant
messages, files, and email.Yahoo Messenger versions 5.x through 6.0 that run on Microsoft Windows platforms are
vulnerable to a denial of service attack caused by a vulnerability in the way the program processes arguments in their
YMSGR URL handler links, allows remote attackers to cause a denial of service via a room login or a room join
request packet with a third colon and an ampersand, which causes Messenger to send a corrupted packet to the server,
which triggers a disconnect from the server
Signature ID: 32706
HTTP Microsoft IE daxctl.ocx denial of service
Threat Level: Severe
Signature Description: Microsoft Internet Explorer is prone to a heap buffer-overflow vulnerability.The vulnerability
arises because of the way Internet Explorer tries to instantiate certain COM objects ActiveX controls, In particular
when the first parameter of the'DirectAnimation.PathControl' COM object is set to 0xffffffff, an invalid memory write
occurs.The issue affects the 'DirectAnimation.PathControl' of the 'daxctle.ocx' COM object with class ID
CLSID:{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}.An attacker can exploit this issue to execute arbitrary code
within context of the affected application.Failed exploit attempts will result in a denial-of-service.