ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
contain a buffer overflow vulnerability. A malicious user can send overly long arguments to the SpamExcp.dll script,
which could allow an attacker to execute arbitrary code within the Local System context. The attacker can then
reconfigure its settings. Patches are available at the vendor website.
Signature ID: 1269
Sun JavaServer default password login
Threat Level: Information
Industry ID: CVE-1999-0508 Nessus: 10995,10747
Signature Description: By default, Sun JavaServer installs with a default password. The admin account has a password
of "admin", which is publicly known and documented. This allows attackers to trivially access the system. Users are
advised to change all default install passwords to a unique and secure password. When possible, change default
accounts to custom names as well.
Signature ID: 1270
Trend Micro InterScan eManager Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0958 Bugtraq: 3327 Nessus: 11747
Signature Description: Trend Micro InterScan eManager is a plug-in for InterScan which manages spam, message
content, and mail delivery. It can be managed through a web-based console interface. Trend Micro InterScan eManager
3.51 j and Trend Micro InterScan eManager 3.51 are vulnerable: the CGI components of eManager in these versions
contain a buffer overflow vulnerability. A malicious user can send overly long arguments to the TOP10.dll script, which
could allow an attacker to execute arbitrary code within the Local System context. The attacker can then reconfigure its
settings. Patches are available at the vendor website.
Signature ID: 1271
Talentsoft Web+ Source Code Disclosure Vulnerability
Threat Level: Warning
Bugtraq: 1722
Signature Description: Talentsoft's Web+ web application server is a powerful and comprehensive development
language for use in creating web-based client/server applications. TalentSoft Web+ Server 4.6, TalentSoft Web+
Monitor 4.6 and TalentSoft Web+ Client 4.6 are vulnerable versions. After receiving requests from a remote user, the
Talentsoft Web+ source code view does not perform stringent checks when validating the credentials of a client host
connecting to the services offered on a host server. This can lead to unauthorized access and possibly escalated
privileges to that of the administrator.
Signature ID: 1272
Apache Tomcat Servlet Path Disclosure Vulnerability
Threat Level: Warning
Industry ID: CVE-2002-2006 Bugtraq: 4575 Nessus: 11046
Signature Description: Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed under the Java Community Process. Apache
Software Foundation Tomcat 4.1 and prior versions are vulnerable: in these versions, the Tomcat SnoopServlet servlet
does not properly validate the credentials of a client host connecting to the services offered on a host server. This can
lead to unauthorized access and possibly escalated privileges to that of the administrator. Patches are available at
the Sun website.