TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

981

982

983

984

985

986

987

988

989

990

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

989

network, you are connecting to one of the servers on that network. HydraIRC is an open-source IRC client with an

attractive and easy to use interface. It supports DCC Chat and File transfers, Connecting to multiple servers,

Autohiding Windows, DLL Plugins, Channel Monitoring, Event Viewer, Audible and Visual Notifications and much

more. HydraIrc 0.3.164 and prior versions are vulnerable to stack based buffer overflow vulnerability. The

vulnerability is caused due to a boundary error in the processing of "irc://" URIs. By tricking a user into opening an

overly long "irc://" URI in a web browser user can crash the web browser or execute arbitrary code in the victim

system. No remedy is available as of 6th August, 2008.

Signature ID: 35640

AXIGEN Mail Server AXIMilter Format String Vulnerability

Threat Level: Severe

Industry ID: CVE-2008-0434 Bugtraq: 27363

Signature Description: Axigen is a mail server designed for UNIX and UNIX-like operating systems. AXIMilter is the

Axigen Filtering Module that provides an interface for third-party software to access and modify emails. AXIGEN

Mail Server 5.0.2 is vulnerable to remote code ececution vulnerability. The vulnerability is caused due to a format

string error within the AXIMilter module when parsing mail data. This can be exploited by sending specially crafted

data containing format string specifiers to the TCP port on which AXIMilter is listening. A remote attacker could

exploit this vulnerability and possibly execute arbitrary code on the vulnerable system and cause a denial of service.

Please upgrade to the latest version (5.0.2 build 2 or later) to resolve this issue.

Signature ID: 35641

Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow Vulnerability

Threat Level: Warning

Bugtraq: 30621

Signature Description: Download Accelerator Plus is a closed source software download manager for Microsoft

Windows. It has a number of features like scheduled download and auto Internet disconnection and/or shutting down of

computer upon download completion. DAP also provides auto antivirus scanning of downloaded contents by

integrating with the antivirus software present in the OS. DAP integrates with Internet Explorer, Mozilla Firefox,

Netscape, and Opera. It pops up a small message box by the system tray with "Open/Play" commands upon completion

of download. Animation GIF ActiveX versions 2.47, 1.12a and 1.12b present in DAP are vulnerable to stack based

buffer overflow vulnerabilities. This vulnerability is caused due to improper bounds checking by the ReadGIF and

READGIF2 methods, present in AniGIF.ocx ActiveX control. By persuading a victim to visit a malicious Web page, a

remote attacker could execute arbitrary code in the context of the application using the ActiveX control (typically

Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. No remedy available as of

August 12, 2008, user can set killbit to the clsid 82351441-9094-11D1-A24B-00A0C932C7DF to resolve this issue.

Signature ID: 35642