TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
902
Signature Description: The Microsoft Rich Text Box ActiveX control provides a user interface widget for editing Rich
Text Format (RTF) documents. Microsoft rich text box activex control(Microsoft Rich Textbox Control 6.0) is
vulnerable to arbitary files overwrite via insecure savefile method. A specially crafted web page that instantiated this
control can be able to exploit this vulnerability to create or overwrite arbitrary files with the privileges of the current
user. User can set the kill bit for CLSID B617B991-A767-4F05-99BA-AC6FCABB102E to stop working of this
activex control.
Signature ID: 35229
Microsoft Rich Text Box ActiveX Control Arbitrary File Overwrite Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0237
Bugtraq: 27201
Signature Description: The Microsoft Rich Text Box ActiveX control provides a user interface widget for editing Rich
Text Format (RTF) documents. Microsoft rich text box activex control(Microsoft Rich Textbox Control 6.0) is
vulnerable to arbitrary files overwrite via insecure savefile method. A specially crafted web page that instantiated this
control can be able to exploit this vulnerability to create or overwrite arbitrary files with the privileges of the current
user. User can set the kill bit for CLSID B617B991-A767-4F05-99BA-AC6FCABB102E to stop working of this
axtivex control.
Signature ID: 35230
HTTP Yahoo Messenger AudioConf ActiveX Overflow
Threat Level: Severe
Industry ID: CVE-2007-1680 Bugtraq: 23291
Signature Description: Yahoo Messenger is vulnerable to a stack-based buffer overflow, caused by improper bounds
checking by the Yahoo.AudioConf ActiveX control(yacscom.dll) in Yahoo Messenger. By creating a specially-crafted
Web page with large socksHostname and hostname properties and once the createAndJoinConference() method is
called, a remote attacker could execute arbitrary code on the system, if the attacker could persuade the victim to click a
link to a malicious Web page.Yahoo Messenger versions released prior to March 13, 2007 are vulnerable to this issue.
Users are advised to set kill bit to the clsid corresponding to the progid Yahoo.AudioConf to resolve this issue.
Signature ID: 35231
MySQL yaSSL SSL Hello Message Buffer Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0226 Bugtraq: 27140
Signature Description: MySQL is an open-source database software package available for multiple platforms. yaSSL is
an SSL library. If SSL support is enabled, MySQL uses yaSSL service by default. yaSSL 5.0.51 and prior are
vulnerable to the Denial of service attack. By sending a specially crafted client Hello message when using yaSSL for
secure connection attacker may overflow buffer. By successfully exploiting these issues allows remote attackers to
execute arbitrary code in the context of applications using the library and failed attacks will cause denial-of-service
conditions. Please upgrade to the latest version of the yaSSL version to resolve this issue.
Signature ID: 35232
Alt-N SecurityGateway username Buffer Overflow Vulnerability
Threat Level: Severe
Bugtraq: 29457
Signature Description: SecurityGateway Email Spam Firewall for Exchange/SMTP Servers provides affordable
inbound and outbound email security with a powerful spam filter. It is simple to administrate and offers comprehensive
reporting that identifies email traffic patterns and potential problems. Alt-N SecurityGateway version 1.0.1 and prior
are vulnerable to the denial of service attack. The vulnerability is due to the boundary error in processing HTTP
requests sent to the administrative web interface. By sending an overly long "username" parameter to