TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
799
Language used by both Microsoft and Sybase. Microsoft SQL Server (Microsoft SQL Server version 7.0 through 7.0
SP3) are vulnerable to a denial of service attack. By sending an overly long string (above 700000 bytes) on TCP port
1433, a remote attacker could overflow a buffer and cause the server to crash.
Signature ID: 34470
Oracle Database Server SDO_CS.TRANSFORM_LAYER Buffer Overflow
Threat Level: Warning
Industry ID: CVE-2006-5344 Bugtraq: 20588
Signature Description: Oracle Database Server is a relational database application suite designed to support grid
computing and clustering in an enterprise. Oracle spatial uses a special schema, called Multi Dimentional
System(MDSYS). This MDSYS schema contains functionally categorized set of packages. The MDSYS.SDO_CS
package contains functions and procedures for working with coordinate systems. MDSYS.SDO_CS has a function
called TRANSFORM_LAYER. This function transforms all geometries in a specified column in a table. Oracle
Database Server is (Oracle Database Server 8.1.7.4 and prior and Oracle Database Server 9.0.1.5 and prior) vulnerable
to a stack-based buffer overflow. By processing the parameters passed to the function TRANSFORM_LAYER of the
package SDO_CS, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Signature ID: 34471
Oracle Database sys.pbsde.init Procedure Buffer Overflow
Threat Level: Warning
Industry ID: CVE-2005-0873 Bugtraq: 15134
Signature Description: Oracle Database consists of a collection of data managed by an Oracle database management
system. Oracle Database is vulnerable to a buffer overflow. By processing the parameters passed to the function
sys.pbsde.init, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Signature ID: 34472
Symantec AntiVirus Scan Engine Administrative Interface Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2005-2758 Bugtraq: 15001
Signature Description: Symantec Scan Engine is a connect scanning services and API to protect against viruses and
other unwanted content. Symantec Antivirus Scan Engine is (Symantec Antivirus Scan Engine 4.0 and 4.3) Vulnerable
to heap-based buffer overflow. By sending specially-crafted HTTP request containing a negative value in certain HTTP
header on TCP port 8004 or 8001, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Signature ID: 34473
Oracle Application Server 10g emagent.exe Stack Buffer Overflow
Threat Level: Warning
Bugtraq: 15146
Signature Description: Oracle Application Server 10g, is an integrated, standards-based software platform. It is part of
Oracle's Fusion Middleware technology-stack. It consists of Oracle HTTP Server and OC4J which deploys J2EE-based
applications. Oracle Application Server (Oracle Application Server 10.1.2 R2) is vulnerable to a stack-based buffer
overflow in the emagent.exe service. By sending an overly long URL parameters in GET requests to TCP port 1830, a
remote attacker could overflow a buffer and execute arbitrary code on the system.
Signature ID: 34474
IBM Tivoli Storage Manager Initial Sign-on Request Buffer Overflow
Threat Level: Warning
Industry ID: CVE-2006-5855 Bugtraq: 21440
Signature Description: IBM Tivoli Storage Manager is a remote backup software package that runs on clients and