ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature ID: 34337
CA BrightStor ARCserve Backup LGSERVER.EXE buffer overflow
Threat Level: Warning
Industry ID: CVE-2007-0449 Bugtraq: 22340,22342
Signature Description: CA BrightStor ARCserve Backup is used for backing up and restoring data on remote and
mobile Windows-based PCs. It automatically performs backups when disconnected from the network. Mobile Backup
r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 are vulnerable
to this buffer overflow. By sending a long, specially crafted packet to TCP port 1900 or 2200, an attacker may cause
a buffer overflow in LGSERVER.EXE in CA ARCserve Backup. The vendor has released fixes to address this issue.
Please refer to the references. This signature checks for the pattern on port 2200/TCP.
Signature ID: 34342
HTTP IE HTML Objects Memory Corruption (MS07-027) S
Threat Level: Severe
Industry ID: CVE-2007-0947 Bugtraq: 32772
Signature Description: The IE and Mozilla web browsers fail to properly handle HTML objects, resulting in CMarkup
objects being used after they have been freed. The window.location.onload() function is used for refreshing the web
browser after a particular time stamp. A user can send a specially crafted web page using the above function with no
data and cause memory corruption that crashes the victim's web browser.
Signature ID: 34344
Microsoft Speech API 4 COM Object ActiveX Control Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2007-2222 Bugtraq: 24426
Signature Description: Microsoft Speech API is a software package that provides text-to-speech and speech
recognition capabilities. The Microsoft Speech API includes ActiveX controls called ActiveListen and ActiveVoice,
which are provided by Xlisten.dll and XVoice.dll, respectively. An attacker could exploit this vulnerability by
persuading a victim to visit a specially crafted Web page. Set the killbit for the CLSID
EEE78591-FE22-11D0-8BEF-0060081841DE to resolve this issue.
Signature ID: 34345
Microsoft Speech API 4 COM Object ActiveX Control Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2007-2222 Bugtraq: 24426
Signature Description: Microsoft Speech API is a software package that provides text-to-speech and speech
recognition capabilities. The Microsoft Speech API includes ActiveX controls called ActiveListen and ActiveVoice,
which are provided by Xlisten.dll and XVoice.dll, respectively. An attacker could exploit this vulnerability by
persuading a victim to visit a specially crafted Web page containing hex-encoded shellcode. Set the killbit for the CLSID
EEE78591-FE22-11D0-8BEF-0060081841DE to resolve this issue.
Signature ID: 34346
Microsoft Speech API 4 COM Object ActiveX Control Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2007-2222 Bugtraq: 24426
Signature Description: Microsoft Speech API is a software package that provides text-to-speech and speech
recognition capabilities. The Microsoft Speech API includes ActiveX controls called ActiveListen and ActiveVoice,
which are provided by Xlisten.dll and XVoice.dll, respectively. An attacker could exploit this vulnerability by