TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

271

272

273

274

275

276

277

278

279

280

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

276

Signature ID: 2023

Sendmail 8.6.12 Denial of Service Vulnerability

Threat Level: Information

Signature Description: SMTP(Simple Mail Transfer Protocol) is a TCP/IP protocol. It is used to transfer e-mail

<br>messages between computers. Most e-mail systems that send mail over the Internet use SMTP to send messages

from one server to another. This signature detects the content '8.6.12'. This 8.6.12 version check module examines

available sendmail banners to determine the presence of Berkeley sendmail 8.6.12. If this version is detected, it is

possible that the host is vulnerable to a denial of service.

Signature ID: 2024

Sendmail (8.7.5) GECOS field buffer overflow check

Threat Level: Information

Industry ID: CVE-1999-0131

Signature Description: An attacker can check to see if the host is running sendmail 8.7.5. Berkeley sendmail 8.7.5 has

two bugs which allow for local users to gain either default user (most often daemon) or root privileges.

Signature ID: 2025

Sendmail (8.8.0/8.8.1) MIME buffer overflow check with version 8.8.0

Threat Level: Information

Industry ID: CVE-1999-0206

Signature Description: An attacker can check if you are running sendmail version 8.8.0 or 8.8.1. Both these versions of

sendmail have a vulnerability which could allow intruders to access the vulnerable system as root.

Signature ID: 2026

Sendmail (8.8.0/8.8.1) MIME buffer overflow check with version of 8.8.1

Threat Level: Information

Industry ID: CVE-1999-0206

Signature Description: An attacker can discern if you are running sendmail version 8.8.0 or 8.8.1. Both of these

versions of sendmail have a weakness which could allow intruders to access the vulnerable system as root.

Signature ID: 2027

Mail forgery check using Cybercop

Threat Level: Information

Signature Description: Cybercop is software which is used to find vulnerabilities on the target system. Using this

software attacker can know the vulnerabilities on the target system, and it is possible to forge mails on the target mail

server.

Signature ID: 2028

Sendmail (8.8.3/8.8.4) Version check for MIME Buffer Overflow

Threat Level: Information

Industry ID: CVE-1999-0047 Bugtraq: 685

Signature Description: An attacker can attempt to discern if you are running sendmail version 8.8.4 or 8.8.3. Both of

these versions of sendmail have a weakness which can allow intruders to access the vulnerable system as root.