TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
949
mouse and keyboard data. Microsoft Windows RDP is a denial of service vulnerability, caused by input validation
error. This issue is triggered when an attacker could send a specially-crafted message on port 3389/tcp. The successful
exploitation may allow an attacker to cause the system to crash. The issue is fixed in the patch MS05-041. The
Administrator's are advise to apply the appropriate patch MS-05-041 for resolve the issue.
Signature ID: 35466
Symantec Scan Engine Authentication Bypass
Threat Level: Warning
Industry ID: CVE-2006-0230 Bugtraq: 17637
Signature Description: Symantec Scan Engine provides a web-based administrative interface that is used for managing
scanning options and antivirus definitions. Symantec Scan Engine 5.0.0.24, and before 5.1.0.7, could allow a remote
attacker to gain unauthorized administrative access to the web administrative interface, caused by a design error in the
authentication mechanism in which password verification is performed by a client-side applet. This issue is triggered
when an attacker sending specially-crafted XML request to TCP port 8004 or 8005. The successful exploitation may
allow an attacker could by pass authentication and gain administrative access to the Scan Engine server. The issue is
fixed in the version of Symantec Scan Engine(5.1.0.7 or later), which is available from vendor's web site. The
Administrator's are advice to update the latest version of Symantec Scan Engine(5.1 or later) for resolve this issue.
Signature ID: 35467
RealNetworks RealPlayer SWF Flash File Buffer Overflow vulnerability
Threat Level: Warning
Industry ID: CVE-2006-0323 Bugtraq: 17202
Signature Description: RealPlayer is a multimedia application that allows users to view local and remote audio/video
content. RealPlayer, version 10.x, is a buffer overflow vulnerability caused by improper bounds checking of
Shockwave Flash(SWF)(The SWF file format is used by Macromedia Flash multimedia files) files. This issue is
triggered when an attacker creating a malicious SWF file with long data and hosting it on a web site or sending it to a
victim as an email attachment. The successful exploitation may allow an attacker to overflow a buffer and execute
arbitrary code on the victim's system.
Signature ID: 35468
Oracle Single-Sign-On Vulnerability
Threat Level: Warning
Industry ID: CVE-2004-1877 Bugtraq: 10009
Signature Description: Oracle Single Sign-On(OSSO) is a customized login form that allows web clients to sign in
once, and be authenticated to multiple web applications. Oracle9i Single Sign-On is vulnerable to a security bypass.
This issue is triggered when an attacker create a specially-crafted URL with a 'p_submit_url' parameter to spoof a
trusted SSO login web page. The successful exploitation may allow an attacker to gain the usercode and password from
unsuspecting users, if they could be convince to visit the URL and login.
Signature ID: 35469
Oracle Create Database Link Buffer Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2003-0222
Bugtraq: 12296,7453
Signature Description: A database link is a schema object in one database that enables user to access objects on another
database. The other database need not be an Oracle Database system. However, to access non-Oracle systems. Once
created a database link, can use it to refer to tables and views on the other database. Oracle Database Server9i release 2
is a stack-based buffer overflow vulnerability. This issue is triggered when a remote attacker could create a database
link with an overly long 'USING' parameter as the connection string. The attacker could then use the SELECT
statement to query the link to overflow a buffer and use the privileges of the user running the Oracle Database server to
cause the server to crash and execute arbitrary code on the system.