TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
824
Signature ID: 34638
IBM Domino Web Access 'dwa7w.dll' ActiveX Control Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2007-4474 Bugtraq: 26972
Signature Description: Buffer overflow in General_ServerName Property of dwa7w.dll of IBM Lotus Domino Web
Access ActiveX Control. By assigning a overly long string to the General_ServerName property then calling by
InstallBrowserHelperDll() method an attacker can corrupt the memory of the application. An attacker can exploit by
tricking a user into visiting a specially crafted web page.
Signature ID: 34650
Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2007-6654 CVE-2007-2419
Signature Description: The Macrovision ActiveX control (isusweb.dll), DownloadAndExecute() method in the
InstallShield Update Service is vulnerable to a buffer overflow. An attacker can exploits this by assigning overly-long
string to the DownloadAndExecute() method causing buffer overflow in the victim’s browser. This may lead to
browser crash or can execute malicious code from the remote.
Signature ID: 34652
Microsoft Internet Explorer Speech API 4 COM Object Instantiation Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2007-2222 Bugtraq: 24426
Signature Description: Microsoft Speech API 4 ActiveX control has buffer overflow vulnerability. An attacker could
exploit this vulnerability by enticing a victim to visit a specially crafted Web page. Successful exploitation may cause
memory corruption or may execute arbitrary code on the victim’s system. Exploit attempts of this vulnerability
are detected using a combination of two signatures. This is the second signature and generates a log message.
Signature ID: 34698
IBM Informix Dynamic Server username buffer overflow
Threat Level: Severe
Industry ID: CVE-2006-3853
CVE-2006-3854 Bugtraq: 19264
Signature Description: Informix Dynamic Server is a database developed by IBM. During a security assessment of the
database it was found that stack based buffer overflow in the authentication procedure.When an Informix server logs on
a user it copies the username to a 260 byte stack based buffer without first verifying its length. An Attacker can exploit
this by overflowing this buffer to overwrite the saved return address on the stack and thus redirect the process' path of
execution to a location of their choosing.The vulnerable versions are IBM Informix Dynamic Server (IDS) before
9.40.TC7 and 10.00 before 10.00.TC3.
Signature ID: 34699
IBM Lotus Domino IMAP Server CRAM-MD5 Username Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2007-1675
Bugtraq: 23172,23173
Signature Description: IBM Lotus Domino Provides E-Mail Services using IMAP Protocol. When Client gets
connected to the Server, Server sends a challenge string to the client, client replies with his username, followed with a
space and then a 16-byte digest in hexadecimal notation and is the output of HMAC-MD5 with users password as
secret key, and the server string as the message. Server calculates the digest with the original secret key, username and
then compares that with the clients digest. If these two are equal, server accepts client as authenticated. An attacker can
exploit this by sending a long username ,i.e more than of 256 characters as the response to the server. An attacker can