TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
175
Signature ID: 1282
Trend InterScan VirusWall Remote Reconfiguration Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0432
CVE-2001-0791 Bugtraq: 2808,2579 Nessus: 10733
Signature Description: Trend Micro's InterScan VirusWall blocks viruses, malicious applets and ActiveX objects at the
Internet gateway, and provides real-time scanning for all inbound and outbound SMTP, HTTP and FTP file transfers.
Trend Micro InterScan VirusWall for Windows NT 3.51, Trend Micro InterScan VirusWall for Windows NT 3.5 and
Trend Micro InterScan VirusWall for Windows NT 3.4 are vulnerable versions, these versions are not performing
stringent checks when validating the credentials of a client host connecting to the services offered on a host server. A
malicious user(remote attacker) could send a specially crafted uri request, after received this type of request these
vulnerable versions are not validating properly the user given input, this can lead to unauthorized access and possibly
escalated privileges to that of the administrator. Then the attacker will make configuration changes.
Signature ID: 1283
Trend InterScan VirusWall Remote Reconfiguration Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0432 CVE-2001-0791 Bugtraq: 2808,2579 Nessus: 10733
Signature Description: Trend Micro's InterScan VirusWall blocks viruses, malicious applets and ActiveX objects at the
Internet gateway, and provides real-time scanning for all inbound and outbound SMTP, HTTP and FTP file transfers.
Trend Micro InterScan VirusWall for Windows NT 3.51, Trend Micro InterScan VirusWall for Windows NT 3.5 and
Trend Micro InterScan <br>VirusWall for Windows NT 3.4 are vulnerable versions, these versions are not performing
stringent checks when validating the credentials of a client host connecting to the <br>services offered on a host server.
A malicious user(remote attacker) could send a specially crafted uri request, after received this type of request these
vulnerable <br>versions are not validating properly the user given input, this can lead to unauthorized access and
possibly escalated privileges to that of the administrator. Then the attacker will make configuration changes.
Signature ID: 1284
Apache WebDAV Directory Listings Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0869 Bugtraq: 1656
Signature Description: WebDAV a web publishing protocol , in certain configurations of Apache, such as those in
SuSE 6.0-7.0 and RedHat 6.2-7.0, have WebDAV enabled and misconfigured in such a way to allow directory listings
of the entire server file structure -- specifically, WebDAV was enabled on the Document Root of the web server. Since
subdirectories of a WebDAV-enabled directory are automatically enabled as well, this caused the entire web server to
have WebDAV enabled. Since a directory, or its parent directory, must have been specifically declared for WebDAV to
be enabled, configuration errors should be straightforward to find and correct.
Signature ID: 1285
Webtrends HTTP probe Vulnerability
Threat Level: Information
Signature Description: WebTrends Security Analyzer is used to secure intranet and extranet by scanning remote and
local systems to discover known security vulnerabilities. When unchecked these vulnerabilities, then the attacker can
access sensitive information, damage or gain control of device.
Signature ID: 1286
Banner engine Cross-Site Scripting Vulnerability
Threat Level: Warning
Industry ID: CVE-2006-3519
CVE-2000-0426 CVE-2000-0332 CVE-2002-0749 Bugtraq: 18793,1175,1164,4579
Nessus: 11748