TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
948
and applications on an IBM Lotus Domino server. IBM Lotus Notes, version 6.5, 7.0, and 8.0, is a stack-based buffer
overflow vulnerability in the Maker Interchange File viewer(mifsr.dll). This issue is triggered when an attacker can
crate a specially-crafted .mif file. The MIF contains overly long lines and tag names/values that will trigger the buffer
overflow when viewed within Lotus Notes. The successful exploitation may allow an attacker to overflow a buffer and
execute arbitrary code on the system or cause the victim's application to crash. The issue is fixed in the version of IBM
Lotus Notes(7.0.3 and 8.0.1), available at vendor's web site. Administrator's are advise to update the latest version of
IBM Lotus Notes(7.0.3 and 8.0.1) for resolve this issue.
Signature ID: 35462
RealNetworks RealPlayer MP3 Files Processing Buffer Overflow vulnerability
Threat Level: Warning
Industry ID: CVE-2007-5080
Bugtraq: 26214
Signature Description: The RealNetworks RealPlayer application allow users to view local and remote audio and video
content. It include support for a number of different media formats, including the MP3 audio-encoding format.
RealNetworks RealPlayer, version 10 and 10.5, is a heap-based buffer overflow vulnerability, caused by improper
bounds checking of Lyrics3 tags in MP3 files. This issue is triggered when an attacker can create a specially-crafted
MP3 file that, when loaded by the target user. The successful exploitation may allow an attacker to overflow a buffer
and execute arbitrary code on the system.
Signature ID: 35463
ISC DHCP Server Client Identifier Field Denial of Service Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-3122 Bugtraq: 19348
Signature Description: ISC DHCP(Dynamic Host Configuration Protocol is used to centrally manage and automate the
assignment of IP addresses on a network. It is an extension of the BOOTP protocol) is open source software that
implements the Dynamic Host Configuration Protocols for connection to a local network. DHCP uses UDP ports 67
and 68 for communication. ISC DHCP, version 2.x, is a denial of service vulnerability. This issue is triggered when the
length of the client identifier field is exactly 32 bytes. The successful exploitation may allow an attacker to crash the
DHCP service. The issue is fixed in the version of DHCP 3.x, which is available from vendor's web site. The
Administrator's are advise to update the latest version of DHCP 3.x for resolve this issue.
Signature ID: 35464
Mozilla Firefox DOMNodeRemoved Memory Corruption
Threat Level: Warning
Industry ID: CVE-2006-2779
Bugtraq: 18228
Signature Description: Mozilla Firefox is a widely used, full-featured, open source, freely available web browser. It
supports scripting and multiple HTML specifications. It uses the Document Object Model(DOM) to interpret and
render HTML documents. Mozilla Firefox, version before 1.5.0.4, is a memory corruption vulnerability, caused by
improper handling of the DOMNodeRemoved event by the DOM structure manipulation functions(appendchild()) that
are called by the appropriate mutation event handler. The signature detects when a user to view a specially-crafted
HTML document. The successful exploitation may allow an attacker to execute arbitrary code on the system or cause a
victim's browser to crash.
Signature ID: 35465
Microsoft Windows Remote Desktop Protocol Denial of Service vulnerability
Threat Level: Warning
Industry ID: CVE-2005-1218
Bugtraq: 14259
Signature Description: RDP(Remote Desktop Protocol) is a multichannel-capable protocol that allows for separate
virtual channels for carrying device communication and presentation data from the server, as well as encrypted client