TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

871

872

873

874

875

876

877

878

879

880

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

880

Signature ID: 35077

Microsoft Internet Explorer Frame Injection Vulnerability

Threat Level: Warning

Industry ID: CVE-2004-0719

Signature Description: A vulnerability in many popular Web browsers, including Netscape and Internet Explorer,

allows a malicious Web site operator to trick a user into entering possibly compromising information. This

vulnerability allows an attacker to create a frame inside a Web browser window that looks like that of a legitimate site,

which could fool an unwary user to provide personal information on the Web site.

Signature ID: 35078

Oracle Database Server SQL Injection In Package SYS.KUPV

Threat Level: Severe

Industry ID: CVE-2006-0586 Bugtraq: 16287

Signature Description: Oracle 10g is vulnerable to multiple SQL injection attacks in the SYS.KUPV$FT_INT package.

It contains 3 SQL injection vulnerabilities in the functions ATTACH_JOB, OPEN_JOB, HAS_PRIVS. Oracle fixed

these vulnerabilities with the package dbms_assert.KUPV$FT ATTACH_JOB Parameter user_name and job_name

vulnerable against SQL Injection KUPV$FT HAS_PRIVS Parameter linkname vulnerable against SQL Injection

KUPV$FT OPEN_JOB Parameter user_name, job_name, operation, job_mode vulnerable against SQL Injection and

allow the attacker to add, modify, or delete information in the back-end database.

Signature ID: 35079

Oracle Database Server Crafted View Privilege Escalation

Threat Level: Warning

Bugtraq: 17426

Signature Description: Oracle Database could allow an unprivileged user to modify data in a base table. An attacker

with SELECT only privileges could use a specially-crafted view to insert, update, or delete data in a base table. An

attacker must have the CREATE VIEW privilege and SELECT privileges on certain tables to exploit this vulnerability

and may able to execute arbitrary SQL statements with elevated privileges. This may allow the attacker to access and

modify sensitive information within an Oracle database. Oracle versions 9.2.0.0 through 10.2.0.3 are affected by this

issue.

Signature ID: 35080

Oracle Database SYS.KUPW-WORKER Package MAIN Procedure SQL Injection

Threat Level: Severe

Industry ID: CVE-2006-3698 Bugtraq: 19054

Signature Description: Oracle Database 10g is vulnerable to SQL injection in the SYS.KUPW$WORKER package

(Data Pump Metadata API component). A remote attacker with EXECUTE permissions could send specially-crafted

SQL statements to the database using unspecified parameters, which could allow the attacker to view, add, modify, or

delete information in the back-end database.The string value passed as a function argument is escaped by extra single

quotes and normally uses the concatenation operator "||" for injection purposes. Oracle Database Server 10g 10.1.0.5

and priors are vulnerable.

Signature ID: 35081

Microsoft Internet Explorer Cross Domain Information Disclosure

Threat Level: Severe

Industry ID: CVE-2006-3280 Bugtraq: 18682

Signature Description: Microsoft Internet Explorer could allow a remote attacker to bypass cross-domain security

restrictions and obtain sensitive information, caused by validation error and improper handling of URL redirects by the