TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
804
Signature ID: 34499
Cisco IOS Show IP BGP Regexp Remote Denial of Service Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4430 Bugtraq: 25352
Signature Description: BGP (Border Gateway Protocol) is a protocol for exchanging routing information between
gateway hosts in a network autonomous systems and is used between gateway hosts on the Internet. Cisco IOS ( Cisco
IOS 12.0 through 12.4) are vulnerable to cause a denial of service. By sending the command with Regular expressions
containing repetition operators and pattern recalls (like as show ip bgp regexp (.*)(_\1)+) can trigger the stack
overflow.
Signature ID: 34516
HP Virtual Rooms client Buffer Overflow Vulnerabilities
Threat Level: Severe
Bugtraq: 27384
Signature Description: HP Virtual Rooms is a suite of online collaboration, training and support tools.HP uses an
ActiveX control to install the Virtual Rooms client. The HP Virtual Rooms Install ActiveX control(HPVirtualRooms14
ActiveX control 1.0.0.100) is vulnerable to a buffer overflow that can be exploited via AuthenticationURL() or
PortalAPIURL() or cabroot() methods.A remote attacker can create specially crafted HTML page which contain %u
encoded exploit code, that when loaded by the target user, will trigger a buffer overflow and execute arbitrary code on
the target system with the privileges of the user.No remedy available as of January 2008. Alternatively user can set the
killbit for for the vulnerable ActiveX control's CLSID 00000014-9593-4264-8B29-930B3E4EDCCD.
Signature ID: 34517
HP Virtual Rooms client Buffer Overflow Vulnerabilities
Threat Level: Severe
Bugtraq: 27384
Signature Description: HP Virtual Rooms is a suite of online collaboration, training and support tools.HP uses an
ActiveX control to install the Virtual Rooms client. The HP Virtual Rooms Install ActiveX control(HPVirtualRooms14
ActiveX control 1.0.0.100) is vulnerable to a buffer overflow that can be exploited via AuthenticationURL() or
PortalAPIURL() or cabroot() methods.A remote attacker can create specially crafted HTML page which contain
malformed hex encoded code, that when loaded by the target user, will trigger a buffer overflow and execute arbitrary
code on the target system with the privileges of the user.No remedy available as of January 2008. Alternatively user
can set the killbit for for the vulnerable ActiveX control's CLSID 00000014-9593-4264-8B29-930B3E4EDCCD.
Signature ID: 34518
HP Virtual Rooms client Buffer Overflow Vulnerabilities
Threat Level: Warning
Bugtraq: 27384
Signature Description: HP Virtual Rooms is a suite of online collaboration, training and support tools.HP uses an
ActiveX control to install the Virtual Rooms client. The HP Virtual Rooms Install ActiveX control(HPVirtualRooms14
ActiveX control 1.0.0.100) is vulnerable to a buffer overflow that can be exploited via AuthenticationURL() or
PortalAPIURL() or cabroot() methods. A remote attacker can create specially crafted HTML that,when loaded by the
target user, will trigger a buffer overflow and execute arbitrary code on the target system with the privileges of the
user.No remedy available as of January 2008. Alternatively user can set the killbit for for the vulnerable ActiveX
control's CLSID 00000014-9593-4264-8B29-930B3E4EDCCD.