TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

791

792

793

794

795

796

797

798

799

800

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

798

string containing Null characters) via TCP on port 41523, a remote attacker could overflow a buffer and execute

arbitrary code on the system.

Signature ID: 34465

Microsoft IIS Malformed URL Denial of Service Vulnerability

Threat Level: Warning

Industry ID: CVE-2005-4360

Bugtraq: 15921

Signature Description: Microsoft Internet Information Services (IIS) is a set of Internet-based services for servers using

Microsoft Windows. Microsoft Internet Information Server 5.1 on windows XP Professional SP2 is vulnerable to a

denial service attack. By sending an URL request to ".dll" followed by arguments (such as ~0 through ~9), which

causes ntdll.dll to produce a return value that is not correctly handled by IIS, a remote attacker could execute arbitrary

code and crash the system. Upgrade the patches are available from vendors web site.

Signature ID: 34466

Oracle 10g iSQLPLus Service heap overflow

Threat Level: Severe

Industry ID: CVE-2004-1371 Bugtraq: 10871

Signature Description: SQLPLus is an interactive and batch query tool that is installed with every oracle Database

Server. It has a command-line user interface, a windows Graphical User Interface. Oracle 10g database server is

(Oracle Database Server version 10.1.0.2) vulnerable to a heap-based buffer overflow. By sending an overly long string

in "username" or "connectID" parameter of "/isqlplus/login.uix", a remote attacker could overflow a buffer and execute

arbitrary code with privileges of the Oracle user.

Signature ID: 34467

RealNetworks Helix Server DESCRIBE Request Buffer Overflow

Threat Level: Severe

Industry ID: CVE-2006-6026 Bugtraq: 23068,21141

Signature Description: The Helix DNA Server is a universal delivery engine Supporting the real time packetization and

network transmission of any media type of any device. Helix DNA Server (Real, Helix DNA Server 11.0 and 11.1) are

vulnerable to a heap-based buffer overflow. By sending an overly long string in DESCRIBE request with an invalid

LoadTestPassword field on TCP Port 554, a remote attacker could overflow a buffer and execute arbitrary code on the

system.

Signature ID: 34468

Oracle Database Server XDB.DBMS_XMLSCHEMA Buffer Overflow

Threat Level: Warning

Industry ID: CVE-2006-0272 Bugtraq: 16287

Signature Description: Oracle Database Server provides the DBMS_XMLSCHEMA and DBMS_XMLSCHEMA_INT

Packages that include procedures to register and delete XML SCHEMAS. By default XDB.

DBMS_XMLSCHEMA_INT has execute permission to PUBLIC. Oracle Database Server is vulnerable to buffer

overflow. By sending an overly long parameters to the procedures, a remote attacker could overflow a buffer and

execute arbitrary code on the system or cause the Oracle process to crash.

Signature ID: 34469

Microsoft SQL Server TDS Packet Fragment Handling Vulnerability

Threat Level: Warning

Industry ID: CVE-2004-1560 Bugtraq: 11265

Signature Description: Microsoft SQL Server is a relational database management system (RDBMS) produced by

Microsoft. It is primary language is Transact-SQL, an implementation of the ANS/ISO standard Structured Query