TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
787
integer buffer overflow. With a unspecified length fields in openoffice TIFF directory entries user can overflow buffer.
The vendor has fixed this issue in OpenOffice 2.3 version. Please visit the vendor URL for the updates. Exploit
attempts of this vulnerability are detected using a combination of two signatures. This is the second signature and
generates a log message.
Signature ID: 34318
Adobe Multiple products .PNG buffer overflow
Threat Level: Severe
Industry ID: CVE-2007-2365 Bugtraq: 23698
Signature Description: Adobe Photoshop is a graphics editor developed by Adobe Systems. It is used for commercial
bitmap and image manipulation. Multiple Adobe products like Photoshop CS2/CS3, Photoshop Elements and Corel
Paint Shop Pro are vulnerable to this buffer overflow. This is caused due to a boundary error in the PNG.8BI Photoshop
Format Plugin when handling PNG files. With this a remote attacker could overflow a buffer or may crash the
application. Vendor has released fixes to this issue. please visit the vendor's URL for updates. Exploit attempts of this
vulnerability are detected using a combination of two signatures. This is the second signature and generates a log
message.
Signature ID: 34331
CA Brightstor ARCserve Backup catirpc.exe DoS vulnerability
Threat Level: Warning
Industry ID: CVE-2007-0816 Bugtraq: 22365
Signature Description: CA BrightStor ARCserve Backup is used for backing up and restoring data on remote
andmobile Windows-based PCs. It automatically perform backups when disconnected from the network. Computer
Associates BrightStor ARCServe Backup 11.5 and prior versions are vulnerable to Denial of service attack. By crafting
RPC packet, by keeping null values in credential and verifier fields and sending it to UDP port 111 attacker can trigger
a null pointer dereference in CA Remote Procedure Call Server(catirpc.exe). The vendor has released fixes to this issue.
Please see the reference.
Signature ID: 34334
CA BrightStor ARCserve Tape Engine overflow
Threat Level: Warning
Industry ID: CVE-2006-6076
Bugtraq: 21221
Signature Description: CA BrightStor ARCserve Backup is used for backing up and restoring data on remote and
mobile Windows-based PCs. It automatically perform backups when disconnected from the network. Computer
Associates BrightStor ARCServe Backup 11.5 and prior versions are vulnerable to buffer overflow. When a crafted
RPC packet is sent to the TCP ports 6502/6504, there is no bound check in the Tape engine service library files
tapeeng.dll and tapeutil.dll and causes buffer overflow. The vendor has released fixes to address this issue. Please refer
the references. Exploit attempts of this vulnerability are detected using a combination of two signatures. This is the
second signature and generates a log message.
Signature ID: 34336
CA BrightStor ARCserve Backup LGSERVER.EXE buffer overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2007-0449
Bugtraq: 22340,22342
Signature Description: CA BrightStor ARCserve Backup is used for backing up and restoring data on remote and
mobile Windows-based PCs. It automatically perform backups when disconnected from the network. Mobile Backup
r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 are vulnerable
to buffer overflow vulnerability. By sending a long specially crafted packet to the TCP port 1900 attacker may cause
buffer overflow in LGSERVER.EXE in CA ARCserve backup. The vendor has released fixes to address this issue.
Please refer the references.