TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature ID: 6110
FTP LIST command integer overflow Vulnerability
Threat Level: Information
Industry ID: CVE-2003-0853
Bugtraq: 8875
Signature Description: An integer overflow in the ls command in the fileutils or coreutils packages may allow local users
to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via
applications that use ls, such as wu-ftpd. The solution is to upgrade to the latest versions of the software.
Signature ID: 6111
FTP MDTM command Buffer overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2001-1021 CVE-2004-0330
Bugtraq: 3102,9751
Signature Description: Some FTP servers are prone to buffer overruns when handling data supplied to the
MDTM command. An FTP user who supplies excessive input to this command could potentially execute arbitrary code
in the context of the server or cause a denial of service. The issue exists due to a lack of sufficient boundary checks
performed on user-supplied data. Products like Ipswitch WS_FTP Server version 2.0.2 and Rhino Software Serv-U
FTP Server prior to 5.0.0.4 are vulnerable to this issue. Upgrade to a newer version of the affected products.
Signature ID: 6112
FTP MKDIR command format string Vulnerability
Threat Level: Information
Signature Description: A remote authenticated user can supply a specially crafted 'mkdir' command to trigger a buffer
overflow and cause arbitrary code to be executed on the FTPServer/X target system. This FTP server is prone to a format
string vulnerability due to a lack of sufficient format checking against user-supplied data.
Signature ID: 6113
FTP NLST command buffer overflow Vulnerability
Threat Level: Critical
Industry ID: CVE-1999-0349 CVE-2004-0711 CVE-2004-2111
Bugtraq: 7909,10184,9675
Signature Description: Some FTP servers are prone to buffer overruns when handling data supplied to the NLST
FTP command. An FTP user who supplies excessive input to this command could potentially execute arbitrary code in
the context of the server or cause a denial of service. The issue exists due to a lack of sufficient boundary checks
performed on user-supplied data.
Signature ID: 6114
FTP PASS command Buffer overflow Vulnerability
Threat Level: Critical
Industry ID: CVE-2000-1035 CVE-1999-1519 CVE-1999-1539 CVE-2002-0126 CVE-2002-0895
Bugtraq: 1690,10720,22045,3884,8601,9285
Nessus: 10084
Signature Description: Some FTP servers are prone to buffer overruns when handling data supplied to the PASS
command. An FTP user who supplies excessive input to this command could potentially execute arbitrary code in the
context of the server or cause a denial of service. The issue exists due to a lack of sufficient boundary checks performed
on user-supplied data.
Signature ID: 6115
FTP RENAME command format string Vulnerability
Threat Level: Information
Signature Description: A remote authenticated user can send specially crafted format string characters with RENAME