TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
836
client applications to include several different sources of data in one transaction and which then coordinates committing
the distributed transaction across all the servers that are enlisted in the transaction.he Microsoft Distributed Transaction
Service Coordinator (MSDTC) installed on Microsoft Windows 2000, Windows XP, and Windows Server 2003 is
vulnerable to a denial of service attack, caused by a buffer overflow in the MSDTC service. A remote attacker could
overflow a buffer and cause the MSDTC service to stop responding.
Signature ID: 34768
Microsoft Internet Explorer IsComponentInstalled Buffer Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2006-1016 Bugtraq: 16870
Signature Description: Microsoft Internet Explorer is web browser for downloading web pages.Microsoft Internet
Explorer(6) is vulnerable to a stack-based buffer overflow in the IsComponentInstalled() method.A remote attacker
could exploit this vulnerability using a malicious Web page to execute arbitrary code and gain complete control over a
victim's system. Update the patches available from vendors web site.
Signature ID: 34769
Nullsoft Winamp M3U Remote Buffer Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2006-0708 Bugtraq: 16623
Signature Description: Winamp is a music player for Microsoft Windows. Winamp versions 5.13 and earlier are
vulnerable to buffer overflow, caused by improper validation of the playlist.a remote attacker could overflow a buffer
and cause Winamp to crash or execute arbitrary code on the system, once a victim loads the malicious playlist. An
attacker could exploit this vulnerability by hosting the malicious file on a Web page. Update the latest version available
from vendors web site
Signature ID: 34770
Retrospect Client Crafted Packet Buffer Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2006-2391 Bugtraq: 17948
Signature Description: EMC Retrospect is a backup and recovery application designed for small to medium sized
networks. In a typical Retrospect setup, the EMC Retrospect Client software is installed on all of the computers that
require backups. The clients are then configured to listen on port 497/tcp for commands from the EMC Retrospect
Server. EMC Retrospect Client is vulnerable to a buffer overflow in the Retroclient service. By sending a specially-
crafted packet to port 497 on a client system, a remote attacker could overflow a buffer and cause the client to crash or
execute arbitrary code on the system. Update the patches available from vendors web site.
Signature ID: 34771
Mozilla Products QueryInterface Method Memory Corruption vulnerability
Threat Level: Warning
Industry ID: CVE-2006-0295 Bugtraq: 16476
Signature Description: Mozilla Firefox is a web browser descended from the Mozilla Application Suite, managed by
the Mozilla Corporation. Firefox uses the open source Gecko layout engine, which implements some current web
standards plus a few features which are intended to anticipate likely additions to the standards. Firefox includes tabbed
browsing, a spell checker, incremental find, live bookmarking, a download manager, and an integrated search system
that uses the user's desired search engine. Firefox runs on various versions of Microsoft Windows, Mac OS X, Linux,
and many other Unix-like operating systems. Multiple Mozilla products, including Firefox(Firefox 1.5),
Thunderbird(Thunderbird 1.5), and SeaMonkey(SeaMonkey 1.0 Beta) are vulnerability to memory corruption when
calling the QueryInterface method of the Location and Navigator objects. A remote attacker could exploit this
vulnerability using a specially-crafted Web page. Update the patches available from vendors web site.