TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
management information bases (MIBs). ILMI uses SNMP, which is designed to be simple and has a very
straightforward architecture. The SNMP message is divided into two sections, a version identifier plus community
name and a PDU. The vulnerability is present in Cisco IOS Software versions 11.x and 12.0 for router and switch
products that include support for Asynchronous Transfer Mode (ATM) networking and Interim Local Management
Interface (ILMI), and it is present without regard to any physical capability for supporting an ATM interface. It allows
attackers to cause a denial of service via the undocumented ILMI SNMP community string. It is also possible for a
malicious remote user to change configuration objects within the MIB-II Community, rename the system, and change
the location name and/or the contact information for the system.
Signature ID: 35536
E107 BLOG Engine macgurublog.php uid Parameter SQL Injection
Threat Level: Warning
Bugtraq: 29344
Signature Description: E107 BLOG Engine is a blog plugin for the e107 content manager. The BLOG Engine plugin
for e107 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the
"macgurublog.php" script using the "uid" parameter, which could allow the attacker to view, add, modify or delete
information in the back-end database. A successful exploit may allow the remote attacker to compromise the
application, access or modify data, or exploit latent vulnerabilities in the database. The vulnerable platforms are
MacGuru e107 BLOG Engine 2.1.4 and MacGuru e107 BLOG Engine 2.2.
Signature ID: 35537
DB Software Laboratory VImpX.ocx ActiveX Control Multiple Insecure Methods
Threat Level: Warning
Industry ID: CVE-2008-4749 Bugtraq: 31907
Signature Description: VImpX is an ActiveX control that imports data into various databases. DB Software Laboratory
'VImpX.ocx' ActiveX control is prone to multiple vulnerabilities that let attackers delete or overwrite arbitrary files on
the affected computer in the context of the application using the ActiveX control. VImpX 4.8.8.0 is vulnerable; other
versions may also be affected. This vulnerability is caused by improper bounds checking in the LogFile,
ClearLogFile and SaveToFile methods present in the VImpX.ocx ActiveX control. By persuading a victim to visit a
malicious Web page, a remote attacker could execute arbitrary code in the context of the application using the ActiveX
control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. No
remedy was available as of Nov 22, 2008; users can set the kill bit for the CLSID
7600707B-9F47-416D-8AB5-6FD96EA37968 to resolve this issue.
Signature ID: 35538
DB Software Laboratory VImpX.ocx ActiveX Control Multiple Insecure Methods
Threat Level: Severe
Industry ID: CVE-2008-4749 Bugtraq: 31907
Signature Description: VImpX is an ActiveX control that imports data into various databases. DB Software Laboratory
'VImpX.ocx' ActiveX control is prone to multiple vulnerabilities that let attackers delete or overwrite arbitrary files on
the affected computer in the context of the application using the ActiveX control. VImpX 4.8.8.0 is vulnerable; other
versions may also be affected. This vulnerability is caused by improper bounds checking in the LogFile,
ClearLogFile and SaveToFile methods present in the VImpX.ocx ActiveX control. By persuading a victim to visit a
malicious Web page that contains hex-encoded data, a remote attacker could execute arbitrary code in the context of
the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in
denial-of-service conditions. No remedy was available as of Nov 22, 2008; users can set the kill bit for the CLSID
7600707B-9F47-416D-8AB5-6FD96EA37968 to resolve this issue.