TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

381

382

383

384

385

386

387

388

389

390

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

385

Signature ID: 6121

FTP RMDIR command Buffer overflow Vulnerability

Threat Level: Critical

Bugtraq: 819

Signature Description: Some of the FTP servers are prone to buffer overruns when handling data supplied to the

RMDIR command. An FTP user who supplies excessive input to this command could potentially execute arbitrary

code in the context of the server or cause a denial of service.The issue exists due to lack of sufficient boundary checks

performed on user-supplied data.

Signature ID: 6123

FTP RNTO command buffer overflow Vulnerability

Threat Level: Critical

Industry ID: CVE-2003-0466 CVE-2000-0133 Bugtraq: 8315 Nessus: 12413,11811

Signature Description: Some of the FTP servers are prone to buffer overruns when handling data supplied to the RNTO

FTP command. An FTP user who supplies excessive input to this command could potentially execute arbitrary code in

the context of the server or cause a denial of service.The issue exists due to lack of sufficient boundary checks

performed on user-supplied data.

Signature ID: 6124

FTP SITE CHMOD command Buffer overflow Vulnerability

Threat Level: Critical

Industry ID: CVE-1999-0838 CVE-2003-0466 Bugtraq: 9483,9675,8315 Nessus: 12413,11811

Signature Description: Some of the FTP servers are prone to buffer overruns when handling data supplied to the SITE

CHMOD FTP command. An FTP user who supplies excessive input to this command could potentially execute

arbitrary code in the context of the server or cause a denial of service.The issue exists due to lack of sufficient boundary

checks performed on user-supplied data.

Signature ID: 6125

FTP SITE CPWD command buffer overflow Vulnerability

Threat Level: Critical

Industry ID: CVE-2002-0826

Bugtraq: 5427

Signature Description: Some of the FTP servers are prone to buffer overruns when handling data supplied to the SITE

CPWD command. An FTP user who supplies excessive input to this command could potentially execute arbitrary code

in the context of the server or cause a denial of service.The issue exists due to lack of sufficient boundary checks

performed on user-supplied data.

Signature ID: 6126

Wu-ftpd FTP SITE EXEC overflow vulnerability

Threat Level: Warning

Industry ID: CVE-1999-0955

CVE-1999-0080 Bugtraq: 2241 Nessus: 10090,10090

Signature Description: File Transfer Protocol (FTP) is a network protocol used to transfer data from one computer to

another through a network such as the Internet. Washington University wu-ftpd 2.4.1 has been reported prone to a

remote buffer overflow vulnerability. The issue exists due to a lack of sufficient boundary checks performed on user-

supplied data. A remote attacker may pass excessive data as an argument for an SITE EXEC command passed to the

affected server. The attacker may exploit this issue to corrupt a saved instruction pointer and in doing so may

potentially influence execution flow of the affected service into attacker-supplied instructions.