TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
853
daemon process, the bpcd(bpcd.exe) daemon listens on 13782/tcp. VERITAS NetBackup versions 5.0 and 6.0 are
vulnerable. The NetBackup bpcd daemon fails to properly validate commands. Netbackup service (bpcd.exe) when
parsing CONNECT_OPTIONS requests can be exploited to cause a stack-based buffer overflow via an overly long
request. Patches are available.
Signature ID: 34867
Adobe Download Manager AOM File Section Name Buffer Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2006-5856 Bugtraq: 21453
Signature Description: Adobe Download Manager is a stand-alone application that improves the process of
downloading files from Adobe. Adobe, Download Manager 2.1 and prior are vulnerable to a stack-based buffer
overflow, caused by improper bounds checking of the dm.ini file. By persuading a victim to open a specially-crafted
AOM file, which would write data to the dm.ini file, a remote attacker could overflow a buffer and execute arbitrary
code on the system. An attacker could exploit this vulnerability by hosting the AOM file on a Web site or sending it to
a victim as an email attachment.
Signature ID: 34868
Microsoft Windows HTML Help Control Cross-Zone Scripting Vulnerability
Threat Level: Severe
Industry ID: CVE-2004-1043 Bugtraq: 11467
Signature Description: The HTML Help ActiveX control (Hhctrl.ocx) provides a rich feature set for help systems. Key
features includes an expanding table of contents, keyword search, shortcuts, and pop-up help topics. The control is one
of the authoring components that ships with Microsoft HTML Help. It is also included with many third-party HTML
Help authoring tools. The Microsoft Windows HTML Help ActiveX control (hhctrl.ocx) does not properly determine
the source of windows opened by the Related Topics command. Internet Explorer 6.0 on Windows XP SP2 is
vulnerable, an attacker could exploit this vulnerability against Internet Explorer using a specially crafted web site
containing %u encoded exploit data.
Signature ID: 34869
Microsoft Windows HTML Help Control Cross-Zone Scripting Vulnerability
Threat Level: Severe
Industry ID: CVE-2004-1043
Bugtraq: 11467
Signature Description: The HTML Help ActiveX control (Hhctrl.ocx) provides a rich feature set for help systems. Key
features includes an expanding table of contents, keyword search, shortcuts, and pop-up help topics. The control is one
of the authoring components that ships with Microsoft HTML Help. It is also included with many third-party HTML
Help authoring tools. The Microsoft Windows HTML Help ActiveX control (hhctrl.ocx) does not properly determine
the source of windows opened by the Related Topics command. Internet Explorer 6.0 on Windows XP SP2 is
vulnerable, an attacker could exploit this vulnerability against Internet Explorer using a specially crafted web site
containing hex encoded shellcode.
Signature ID: 34870
Microsoft Windows HTML Help Control Cross-Zone Scripting Vulnerability
Threat Level: Warning
Industry ID: CVE-2004-1043
Bugtraq: 11467
Signature Description: The HTML Help ActiveX control (Hhctrl.ocx) provides a rich feature set for help systems. Key
features include: an expanding table of contents, keyword search, shortcuts, and pop-up help topics. The control is one
of the authoring components that ships with Microsoft HTML Help. It is also included with many third-party HTML
Help authoring tools. The Microsoft Windows HTML Help ActiveX control (hhctrl.ocx) does not properly determine
the source of windows opened by the Related Topics command. Internet Explorer 6.0 on Windows XP SP2 is