TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
906
exploited by sending large number of CWD commands to vsftp daemon with deny_file configuration option in
/etc/vsftpd/vsftpd.conf or the path where FTP server is installed.
Signature ID: 35247
Microsoft Internet Explorer Argument Handling Memory Corruption Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-0078
Bugtraq: 27689
Signature Description: Windows Internet Explorer (formerly Microsoft Internet Explorer abbreviated MSIE),
commonly abbreviated to IE, is a series of graphical web browsers developed by Microsoft and included as part of the
Microsoft Windows line of operating systems starting in 1995. MSIE versions 5.01, 6, 6 SP1, 7 are vulnerable to this
memory corruption vulnerability. By sending an specially crafted image that, when loaded by the target user, will
invoke the 'dxtmsft.dll' ActiveX control and trigger a memory corruption error to execute arbitrary code on the target
system. The code will run with the privileges of the target user. Vendor has provided patches to resolve this issue.
Update the latest version available from vendors web site. Alternatively user can set the kill bit for CLSID 1E54333B-
2A00-11d1-8198-0000F87557DB.
Signature ID: 35248
Microsoft Internet Explorer Argument Handling Memory Corruption Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0078 Bugtraq: 27689
Signature Description: Windows Internet Explorer (formerly Microsoft Internet Explorer abbreviated MSIE),
commonly abbreviated to IE, is a series of graphical web browsers developed by Microsoft and included as part of the
Microsoft Windows line of operating systems starting in 1995. MSIE versions 5.01, 6, 6 SP1, 7 are vulnerable to this
memory corruption vulnerability. By sending an specially crafted image that, when loaded by the target user, will
invoke the 'dxtmsft.dll' ActiveX control and trigger a memory corruption error to execute arbitrary code on the target
system. The code will run with the privileges of the target user. Vendor has provided patches to resolve this issue.
Update the latest version available from vendors web site. Alternatively user can set the kill bit for CLSID 1E54333B-
2A00-11d1-8198-0000F87557DB. This signature detects attacks using CLSID and %HH encoding.
Signature ID: 35249
Microsoft Internet Explorer Argument Handling Memory Corruption Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0078 Bugtraq: 27689
Signature Description: Windows Internet Explorer (formerly Microsoft Internet Explorer abbreviated MSIE),
commonly abbreviated to IE, is a series of graphical web browsers developed by Microsoft and included as part of the
Microsoft Windows line of operating systems starting in 1995. MSIE versions 5.01, 6, 6 SP1, 7 are vulnerable to this
memory corruption vulnerability. By sending an specially crafted image that, when loaded by the target user, will
invoke the 'dxtmsft.dll' ActiveX control and trigger a memory corruption error to execute arbitrary code on the target
system. The code will run with the privileges of the target user. Vendor has provided patches to resolve this issue.
Update the latest version available from vendors web site. Alternatively user can set the kill bit for CLSID 1E54333B-
2A00-11d1-8198-0000F87557DB. This signature detects attacks using CLSID and %uHHHH encoding.
Signature ID: 35250
Microsoft Internet Explorer Argument Handling Memory Corruption Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0078
Bugtraq: 27689
Signature Description: Windows Internet Explorer (formerly Microsoft Internet Explorer abbreviated MSIE),
commonly abbreviated to IE, is a series of graphical web browsers developed by Microsoft and included as part of the
Microsoft Windows line of operating systems starting in 1995. MSIE versions 5.01, 6, 6 SP1, 7 are vulnerable to this