TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
862
Signature ID: 34917
GNU Radius SQL Accounting Format String Vulnerability
Threat Level: Warning
Industry ID: CVE-2006-4181 Bugtraq: 21303
Signature Description: The Remote Authentication Dial In User Service (RADIUS) protocol is widely used and
implemented to manage access to network services. It defines a standard for information exchange between a Network
Access Server (NAS) and an authentication, authorization, and accounting (AAA) server for performing authentication,
authorization, and accounting operations. GNU Radius 1.3 and prior versions are vulnerable, a remote user can send
specially crafted data to trigger a format string flaw and execute arbitrary code on the target system. Patches are
available at vendor website.
Signature ID: 34918
EMC Dantz Retrospect Backup Agent Denial of Service vulnerability
Threat Level: Warning
Industry ID: CVE-2006-0995 Bugtraq: 16933
Signature Description: EMC Retrospect is part of the EMC Insignia line of software and hardware products, which
enables small and medium businesses to store, manage protect, and share vital business information. EMC Dantz
Retrospect 7 backup client 7.0.107, and other versions before 7.0.109 are vulnerable. These vulnerable versions allows
remote attackers to cause a denial of service, client termination and loss of backup service via a malformed packet to
TCP port 497, which triggers an assert error.
Signature ID: 34919
Microsoft Internet Explorer Script Action Handler Buffer Overflow vulnerability
Threat Level: Warning
Industry ID: CVE-2006-1245 Bugtraq: 17131
Signature Description: Microsoft Internet Explorer abbreviated MSIE, commonly abbreviated to IE, is a series of
graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating
systems. Microsoft, Internet Explorer 6 is vulnerable and probably other versions, allows remote attackers to execute
arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as
demonstrated using onclick. Patches are available at microsoft website.
Signature ID: 34920
Microsoft Internet Explorer Long URL Buffer Overflow vulnerability
Threat Level: Warning
Industry ID: CVE-2006-3869 Bugtraq: 19667
Signature Description: Microsoft Internet Explorer abbreviated MSIE), commonly abbreviated to IE, is a series of
graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating
systems. A remote user can create a specially crafted URL to sites using HTTP 1.1, when loaded by the target user, will
trigger a buffer overflow and execute arbitrary code on the target system. The code will run with the privileges of the
victim. Patches are available at microsoft website.
Signature ID: 34922
Apple Mac OS X iChat AIM URL Format String Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-0021
Bugtraq: 22146
Signature Description: IChat AV is an AOL Instant Messenger (AIM), Mac, ICQ and XMPP client by Apple Inc. for
their Mac OS X operating system. Using a Jabber-like protocol and Bonjour for user discovery. Apple iChat 3.1.6 is
vulnerable to DoS, caused by a format string vulnerability in the handling of the aim:// URL handler. An attacker can