TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
975
Signature Description: ADODB.Connection ActiveX controlremote code is vulnerable to remote code execution,
which is provided as part of the ActiveX Data Objects (ADO) and that is distributed in MDAC. An attacker who
successfully exploited this vulnerability could take complete control of an affected system. The vulnerable code will
exploit "double free error" which results in double freeing of same string, rewriting of Heap Control Block by
malicious data in msado15.dll NextRecordset() function. By persuading a victim to visit a malicious Web page which
containing %u encoded data, a remote attacker could execute arbitrary code in the context of the application using the
ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.
No remedy available as of Nov, 2008, user can set killbit to the clsid 00000535-0000-0010-8000-00AA006D2EA4 to
resolve this issue.
Signature ID: 35581
Microsoft Internet Explorer ADODB.Recordset Double Free Memory Exploit
Threat Level: Warning
Industry ID: CVE-2006-7206 Bugtraq: 19227
Signature Description: ADODB.Connection ActiveX controlremote code is vulnerable to remote code execution,
which is provided as part of the ActiveX Data Objects (ADO) and that is distributed in MDAC. An attacker who
successfully exploited this vulnerability could take complete control of an affected system. The vulnerable code will
exploit "double free error" which results in double freeing of same string, rewriting of Heap Control Block by
malicious data in msado15.dll NextRecordset()<br>function. By persuading a victim to visit a malicious Web page, a
remote attacker could execute arbitrary code in the context of the application using the ActiveX control (typically
Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. No remedy available as of
Nov, 2008, user can set killbit to the clsid 00000535-0000-0010-8000-00AA006D2EA4 corresponding to the ProgID
ADODB.Recordset.2.5 to resolve this issue.
Signature ID: 35582
E-vision cms addnewsletter.php module parameter Local File Inclusion vulnerability
Threat Level: Warning
Bugtraq: 32180
Signature Description: E-Vision CMS is a PHP-based content manager.e-Vision CMS is Web Content Management
System written in PHP, with MySQL database backend. It runs on Linux and Windows (with Apache). The e-Vision
CMS powered website can be designed and used with no technical background. The application is prone to multiple
local file-include vulnerabilities because it fails to properly sanitize user-supplied input to the 'module' parameter of the
/modules/newsletter/adminpart/addnewsletter.php? script. An attacker can exploit these vulnerabilities using directory-
traversal strings to view local files and execute local scripts within the context of the web server process. A successful
attack can allow the attacker to obtain sensitive information or gain unauthorized access to an affected computer in the
context of the vulnerable server. e-Vision CMS 2.0.2 is vulnerable, other versions may also be affected.
Signature ID: 35583
E-vision cms addgame.php module parameter Local File Inclusion vulnerability
Threat Level: Warning
Bugtraq: 32180
Signature Description: E-Vision CMS is a PHP-based content manager.e-Vision CMS is Web Content Management
System written in PHP, with MySQL database backend. It runs on Linux and Windows (with Apache). The e-Vision
CMS powered website can be designed and used with no technical background. The application is prone to multiple
local file-include vulnerabilities because it fails to properly sanitize user-supplied input to the 'module' parameter of the
/modules/game/adminpart/addgame.php? script. An attacker can exploit these vulnerabilities using directory-traversal
strings to view local files and execute local scripts within the context of the web server process. A successful attack can
allow the attacker to obtain sensitive information or gain unauthorized access to an affected computer in the context of
the vulnerable server. e-Vision CMS 2.0.2 is vulnerable, other versions may also be affected.