ProCurve TMS zl Module IPS/IDS Signature Reference Guide, Version RLX.10.2.2.94
X-MICROSOFT-CDO-MODPROPS properties in which the second MODPROPS is longer than the first, which
triggers a NULL pointer dereference and an unhandled exception. This issue is resolved and fixes are available at the
vendor's web site.
Signature ID: 34798
CA ARCServe Backup for Laptops and Desktops LGServer Service Code Execution Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-1328
Signature Description: Computer Associates BrightStor ARCServe BackUp is an overall data backup solution.
Computer Associates ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, are
vulnerable to a buffer overflow via unspecified command arguments. The vulnerability is caused by insufficient
validation of user-supplied data. Successful exploitation of this issue allows remote attackers to execute arbitrary
machine code with system-level privileges, resulting in a complete compromise of affected computers. Attackers
may also trigger application crashes, denying service to legitimate users. This issue is fixed and patches are available at
the vendor's web site.
Signature ID: 34799
Microsoft Active Directory LDAP Search Request Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-4023 Bugtraq: 31609
Signature Description: Lightweight Directory Access Protocol (LDAP) is a set of open protocols used to access centrally
stored information over a network. Microsoft Active Directory on the Windows 2000 Server platform is vulnerable to a
buffer overflow. The vulnerability is specifically due to improper processing of LDAP Search requests. Remote
unauthenticated attackers could exploit this vulnerability by sending a specially crafted request to the affected server
and could possibly execute arbitrary code with system privileges, or cause a denial-of-service condition due to memory
corruption. This issue is fixed and patches are available at the vendor's web site.
Signature ID: 34805
Apple QuickTime QTPlugin.ocx ActiveX Control Multiple Methods Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0778 Bugtraq: 27769
Signature Description: The Apple QuickTime QTPlugin.ocx control allows a wide variety of multimedia content to be
viewed in web pages. QTPlugin.ocx version 7.4.1 and prior is vulnerable to a stack-based buffer overflow. By persuading a
victim to visit a specially crafted web page that passes overly long arguments to the SetBgColor(), SetHREF(),
SetMovieName(), SetTarget(), or SetMatrix() function, a remote attacker could overflow a buffer and execute arbitrary
code on the system with the privileges of the victim or cause the victim's browser to crash. No remedy is available as of
February 2008. Alternatively, users can disable this ActiveX control by setting a kill bit. This signature detects attacks
using PROGID and %uHHHH encoding.
Signature ID: 34806
Apple QuickTime QTPlugin.ocx ActiveX Control Multiple Methods Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0778 Bugtraq: 27769
Signature Description: The Apple QuickTime QTPlugin.ocx control allows a wide variety of multimedia content to be
viewed in web pages. QTPlugin.ocx version 7.4.1 and prior is vulnerable to a stack-based buffer overflow. By persuading a
victim to visit a specially crafted web page that passes overly long arguments to the SetBgColor(), SetHREF(),