TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
SecurityGateway.dll user can cause stack-based buffer overflow. Successful exploitation allows an attacker to execute arbitrary code. The vendor has provided a patch to resolve this issue. Please see the references.

Signature ID: 35233
Borland CaliberRM StarTeam Multicast Service Buffer Overflow
Threat Level: Minor
Industry ID: CVE-2008-0311 Bugtraq: 28602
Signature Description: Borland CaliberRM is an enterprise software requirements management system. It is part of Borland's distributed development and deployment solution. Borland Caliber Analyst is an enterprise product suite that aligns business and IT by enabling stakeholders across the organization to collaborate effectively on software requirements engineering. Borland CaliberRM 2006 and 2008 are vulnerable to a stack-based buffer overflow. The vulnerability is caused by a boundary error within "PGMWebHandler::parse_request()" in the StarTeam Multicast Service component (STMulticastService). It can be exploited by sending an overly long HTTP request to the default port 3057/TCP. Successful exploitation allows execution of arbitrary code, but requires that the StarTeam Multicast service was installed by enabling the MPX Events and StarTeam Message Broker options during installation.

Signature ID: 35234
Winamp Ultravox Streaming Metadata Parsing Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0065 Bugtraq: 27344
Signature Description: Winamp is a media player developed by Nullsoft, which is now a subsidiary of Time Warner. It is skinnable, multi-format freeware and shareware. Winamp versions 5.21, 5.5, and 5.51 are vulnerable to a buffer overflow attack. The vulnerability is caused by a boundary error in "in_mp3.dll" within the construction of stream titles when parsing Ultravox streaming metadata. By sending an overly long artist or name tag, a remote attacker could overflow a buffer and execute arbitrary code on the system with administrator privileges or cause the application to crash. The vendor has provided patches to resolve this issue. Winamp 5.21, 5.5, and 5.51 contain multiple stack-based buffer overflows in in_mp3.dll.

Signature ID: 35235
Winamp Ultravox Streaming Metadata Parsing Buffer Overflow Vulnerability
Threat Level: Severe
Bugtraq: 27344
Signature Description: Winamp is a media player developed by Nullsoft, which is now a subsidiary of Time Warner. It is skinnable, multi-format freeware and shareware. Winamp versions 5.21, 5.5, and 5.51 are vulnerable to a buffer overflow attack. The vulnerability is caused by a boundary error in "in_mp3.dll" within the construction of stream titles when parsing Ultravox streaming metadata. By sending an overly long artist or name tag, a remote attacker could overflow a buffer and execute arbitrary code on the system with administrator privileges or cause the application to crash. The vendor has provided patches to resolve this issue.

Signature ID: 35236
Firebird Username Remote Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0467 Bugtraq: 27467
Signature Description: Firebird is a relational database that offers many ANSI SQL standard features and runs on Linux, Windows, and a variety of Unix platforms. Firebird offers excellent concurrency, high performance, and powerful language support for stored procedures and triggers. Firebird versions prior to 2.1 RC1 are vulnerable to a stack-based buffer overflow attack. The vulnerability is caused by improper bounds checking while processing usernames. By sending an overly long username, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. Patches are available to resolve this issue.