RVS4000 IPS identifies flickr images, etc., as Microsoft Color Management Module Buffer Overflow exploit
If I enable the IPS function in my RVS4000, some images from various popular websites like Flickr and blogspot will not load. They are detected by IPS as "EXPLOIT Microsoft Color Management Module Buffer Overflow"
You can test it yourself with this image hosted at blogspot:
With IPS enabled, that image will not load. With IPS disabled, it will.
I am using firmware 220.127.116.11 and IPS signature version 1.42.
I believe IPS is incorrectly identifying these images as containing the color management buffer overflow exploit.
Any chance this could be corrected in the next IPS signature release?
As an aside, I would prefer to open a case with support about this, but I really can't figure out how to do so. I purchased the RVS4000 when it was still made by linksys. I would assume I should still be able to get support on it now that it's own by Cisco, but trying to open a case on the web for this seems impossible. Am I missing something?
Re: RVS4000 IPS identifies flickr images, etc., as Microsoft Col
i've just removed the proxy in my browser, so that it connects direct.
et voila: EXPLOIT Microsoft Color Management Module Buffer Overflow
but this rises the fear that IPS works just as expected when no (external) proxy is used.
that would be a serious problem, at least because it isn't mentioned in the online help/manual and because i'd leave my real ip at many places, which i wouldn't like.
i'd be happy to read a response from cisco to the Buffer Overflow (is it a false positive) and if IPS should work when a external proxy is used (via unencrypted connections, so the [w]rvs has a chance to read the communication.
Article ID:5728 Configure a Teleworker VPN Client on the RV34x Series
Router Objective The Teleworker VPN Client feature minimizes the
configuration requirements at remote locations by allowing the device to
work as a Cisco VPN hardware client. When the T...
Article ID:5708 Configure the LAN and DHCP Settings on the RV34x Series
Router Objective A Local Area Network (LAN) is a network limited to an
area such as a home or small business that is used to interconnect
devices. LAN settings can be configured to li...
Article ID:541 Firmware Upgrade on RV016, RV042, RV042G, and RV082 VPN
Routers Objective To upgrade the firmware, a specific file must be
downloaded from the Internet and uploaded to the device. Firmware
upgrades can fix software bugs, improve features, a...