TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
heap-based buffer overflow. By sending a specially crafted packet, an attacker can overflow the buffer, leading to
arbitrary code execution. Apply the patches available from the vendor's web site.
Signature ID: 34731
Firebird Relational Database XDR Protocol Remote Memory Corruption Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-0387
Bugtraq: 27403
Signature Description: InterBase is a relational database management system (RDBMS) currently developed and
marketed by CodeGear, a wholly-owned subsidiary of Borland Software Corporation. Firebird is a relational database
that runs on Linux, Windows, and a variety of Unix platforms. Firebird SQL version 1.0.3 and prior is vulnerable to
memory corruption. By sending a specially-crafted 'op_start_send_and_receive' request to TCP port 3050, a remote
attacker could overflow a buffer and execute arbitrary code on the system. Upgrade to the latest version of the software or
install the updates provided by the software vendor, which are available from the vendor's website.
Signature ID: 34732
Citrix Systems Multiple Products IMA Service Buffer Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0356 Bugtraq: 27329
Signature Description: Citrix Presentation Server is an application delivery system providing access to users across a
network. Presentation Server includes the Independent Management Architecture (IMA) service, which is responsible
for the deployment of applications, policies, and other resources of remote hosts. By sending a specially-crafted packet
to the IMA service, a remote attacker could overflow a buffer and execute arbitrary code on the system with the
privileges of the IMA server process. Apply the patches available from the vendor's web site.
Signature ID: 34739
AOL Radio AmpX ActiveX Control Buffer Overflow vulnerability
Threat Level: Warning
Industry ID: CVE-2007-5755 Bugtraq: 26396
Signature Description: AOL Radio is a streaming media service from AOL. Part of its functionality is implemented as
an ActiveX control. The AOL Radio ActiveX control (AmpX ActiveX Control 2.6.1.11) is vulnerable to a buffer overflow via
AppendFileToPlaylist. A specially crafted web page that instantiates this control could trigger this buffer overflow,
allowing an attacker to execute arbitrary code with the privileges of the current user. Alternatively, the user can set the
killbit for the vulnerable ActiveX control's CLSID b49c4597-8721-4789-9250-315dfbd9f525. Apply the patch for this
vulnerability (unagi_patch.exe), available from the AOL Web site.
Signature ID: 34750
Trend Micro ServerProtect Spntsvc.exe DCE/RPC multiple buffer overflow Exploit
Threat Level: Severe
Industry ID: CVE-2007-4218
Signature Description: The RPC call _SetSvcImpersonateUser used by the Spntsvc.exe executable of the Trend Micro ServerProtect
application is vulnerable to a buffer overflow exploit. The call takes user-supplied input without proper boundary
checks.
Signature ID: 34751
Trend Micro ServerProtect Spntsvc.exe DCE/RPC multiple buffer overflow Exploit
Threat Level: Severe
Industry ID: CVE-2007-4218 Bugtraq: 25395
Signature Description: ServerProtect Agent service 5.58 Build 1176 is vulnerable to a stack-based buffer overflow. This
vulnerability is due to improper bounds checking by the SetSvcImpersonateUser function. By sending a malicious RPC