TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
956
Signature ID: 35493
NCTAudioStudio2 ActiveX Control NCTWavChunksEditor.DLL Arbitrary File Overwrite
Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-3493 Bugtraq: 24656
Signature Description: NCTsoft NCTAudioStudio2 ActiveX control is a collection of ActiveX components for
building end-user audio data applications. NCTAudioStudio2, version 2.6.1.148, ActiveX
control(NCTWavChunksEditor2.dll) could allow a remote attacker to overwrite arbitrary files on the system. The issue
occurs when a remote attacker to create or overwrite arbitrary files via a full pathname in the argument to the
CreateFile method. The successful exploitation may allow an attacker to overwrite arbitrary files on the system. No
remedy available as of January 24, 2009.
Signature ID: 35494
Apple QuickTime RTSP URI Remote Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-0015
Signature Description: A vulnerability has been identified in QuickTime version 7.1.3, which could be exploited by
attackers to take complete control of an affected system. This issue is due to a stack overflow error when handling a
malformed "rtsp" URI, which could be exploited by remote attackers to execute arbitrary commands by tricking a user
into visiting a specially crafted web page or opening a malicious QTL file.
Signature ID: 35495
Novell eDirectory HTTP Request Content-Length Heap Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-4478 Bugtraq: 31553
Signature Description: Novell eDirectory is an X.500 compatible directory service software. It is used for centrally
managing access to resources on multiple servers and computers within a given network. Novell eDirectory, version
8.8.2 and prior and 8.7.3 SP10 and prior, is a integer overflow vulnerability. This issue is triggered when an attacker
sending Content-Length header within a SOAP request on TCP port 8028/8030. The successful exploitation may allow
an attacker to overflow a buffer and execute arbitrary code on the system. The issue is fixed in the version of Novell
eDirectory (8.7.3 SP10 FTF1), which is available from vendor's web site. The administrator's are advise to update the
latest version of Novell eDirectory (8.7.3 SP10 FTF1) for resolve the issue.
Signature ID: 35496
Novell eDirectory SOAP Handling Accept Language Header Heap Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-4479
Signature Description: Novell eDirectory is an X.500 compatible directory service software. It is used for centrally
managing access to resources on multiple servers and computers within a given network. Novell eDirectory, version
8.8.2 and prior and 8.7.3 SP10 and prior, is a integer overflow vulnerability. This issue is triggered when an attacker
sending SOAP request with a long 'Accept-Language' header on TCP port 8028/8030. The successful exploitation may
allow an attacker to overflow a buffer and execute arbitrary code on the system. The issue is fixed in the version of
Novell eDirectory (8.7.3 SP10 FTF1), which is available from vendor's web site. The administrator's are advise to
update the latest version of Novell eDirectory (8.7.3 SP10 FTF1) for resolve the issue.