TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
863
create a specially crafted AIM URL that, when loaded by the target user, will trigger a format string flaw and cause the
iChat application to crash or execute arbitrary code. Patches are available at apple website.
Signature ID: 34923
Microsoft ASP.NET Application Folder Information Disclosure vulnerability
Threat Level: Warning
Industry ID: CVE-2006-1300 Bugtraq: 18920
Signature Description: The Microsoft .NET Framework is a software technology that is available with several
Microsoft Windows operating systems. It includes a large library of pre-coded solutions to common programming
problems, a runtime or virtual machine that manages the execution of programs written specifically for the framework,
and a set of tools for configuring and building applications. Microsoft .NET Framework 2.0 prior to this versions sre
vulnerable, a remote attacker could exploit this vulnerability by sending a specially-crafted URL request to an affected
Web server to access any known object in the App_Code folder directly. Patches are available at microsoft website.
Signature ID: 34924
Microsoft Windows Explorer Invalid URL File Parsing Stack Overflow vulnerability
Threat Level: Warning
Industry ID: CVE-2006-3351 Bugtraq: 18838
Signature Description: Microsoft Windows is a series of software operating systems produced by Microsoft. Microsoft
first introduced an operating environment named Windows in November 1985 as an add-on to MS-DOS in response to
the growing interest in graphical user interfaces. Windows(explorer.exe) XP and 2003 all versions vulnerable, it allows
user-assisted attackers to cause a denial of service and possibly execute arbitrary code via a .url file with an
InternetShortcut tag containing a long URL and a large number of file: specifiers. No remedy available as of July 2008.
Signature ID: 34925
RealNetworks RealPlayer RealText Parsing Buffer Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2005-1766 Bugtraq: 14048
Signature Description: RealPlayer is a cross-platform media player by RealNetworks that plays a number of
multimedia formats including MP3, MPEG-4, QuickTime, Windows Media, and multiple versions of proprietary
RealAudio and RealVideo formats. Real HelixPlayer and RealPlayer 10 are vulnerable, these allows remote attackers
to execute arbitrary code via the image handle attribute in a RealText (.rt) file. Attacker will send with overly long
realtext file, heap-based buffer overflow will happen. Patches are available at debian website.
Signature ID: 34926
Microsoft Windows WebDAV Mini-Redirector Heap Buffer Overflow vulnerability
Threat Level: Warning
Industry ID: CVE-2008-0080
Bugtraq: 27670
Signature Description: Web-based Distributed Authoring and Versioning, or WebDAV, is a set of extensions to the
HTTP which allows users to collaboratively edit and manage files on remote WWW servers. The group of developers
responsible for these extensions was also known by the same name and was a working group of the IETF. WebDAV
Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista are vulnerable. These versions
are allow a remote attackers to execute arbitrary code via a crafted WebDAV response, heap based buffer overflow will
happen. Patches are available at microsoft website.
Signature ID: 34927
Sun Java Web Start Charset Encoding Stack Buffer Overflow vulnerability
Threat Level: Warning
Industry ID: CVE-2008-1188
Bugtraq: 28083