TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
160
possible to deny service to users of this line of phones. By placing a request to the /StreamingStatistics script with a
stream ID of arbitrarily high value, the phone will reset itself, creating the inability to place or receive calls for a period
of up to thirty seconds. <br>This has been reportedly reproduced by passing stream ID values of greater than 32768,
and consistently reproduced with a value of 120000. Cisco VoIP Phone CP-7960 3.2,Cisco VoIP Phone CP-7960
3.1,Cisco VoIP Phone CP-7960 3.0,,Cisco VoIP Phone CP-7940.2,,Cisco VoIP Phone CP-7940 3.1,Cisco VoIP Phone
CP-7940 3.0,Cisco VoIP Phone CP-7910 3.2,,Cisco VoIP Phone CP-7910 3.1,Cisco VoIP Phone CP-7910 3.0 are
prone to this vulnerability.
Signature ID: 1216
CISCO VoIP Web Interface System Memory Contents Information Leakage Vulnerability
Threat Level: Warning
Industry ID: CVE-2002-0882
Bugtraq: 4798
Signature Description: The 7900 series VoIP Phones are a Voice-Over-IP solution distributed by Cisco
Systems.<br>By placing a request to the /PortInformation script with a port ID of arbitrarily high value, the web server
will return a dump of the contents of phone memory. This has been reportedly reproduced by passing port ID values of
greater than 32768, and consistently reproduced with a value of 120000. Cisco VoIP Phone CP-7960 3.2,Cisco VoIP
Phone CP-7960 3.1,Cisco VoIP Phone CP-7960 3.0,,Cisco VoIP Phone CP-7940.2,,Cisco VoIP Phone CP-7940
3.1,Cisco VoIP Phone CP-7940 3.0,Cisco VoIP Phone CP-7910 3.2,,Cisco VoIP Phone CP-7910 3.1,Cisco VoIP Phone
CP-7910 3.0 are prone to this vulnerability.
Signature ID: 1217
Cisco IOS HTTP %% DOS Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0380 Bugtraq: 1154 Nessus: 10387
Signature Description: The HTTP server was introduced in IOS release 11.0 to extend router management to the
worldwide web. The defect appears in a function added in IOS releases 11.1 and 11.2 that parses special characters in a
URI of the format "%nn" where each "n" represents a hexadecimal digit. Cisco IOS 12.0.7 and prior versions are
vulnerable to denial of service. The vulnerability is exposed when an attempt is made to browse to router with %%
characters next to IP address or domain name(like "<router-ip>/%%"). After received these requests it is not correctly
parses "%%" and it enters an infinite loop. A watchdog timer expires two minutes later and forces the router to crash
and reload.
Signature ID: 1218
Cisco IOS HTTP configuration attempt vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0537
Bugtraq: 2936 Nessus: 10700
Signature Description: Cisco IOS is router firmware developed and distributed by Cisco Systems. IOS functions on
numerous Cisco devices, including routers and switches.It is possible to gain full remote administrative access on
devices using affected releases of IOS. By using a URL of http://router.address/level/$NUMBER/exec/.... where
$NUMBER is an integer between 16 and 99, it is possible for a remote user to gain full administrative access.This
problem makes it possible for a remote user to gain full administrative privileges, which may lead to further
compromise of the network or result in a denial of service.
Signature ID: 1219
Compaq Web-based Management Agent Denial of Service vulnerability
Threat Level: Warning
Bugtraq: 8014
Signature Description: Compaq Web-Based Management Agent has been reported prone to a remote denial of service
vulnerability. The problem occurs when making malformed requests to the service. The resulting error reports a stack