TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

381

382

383

384

385

386

387

388

389

390

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

386

Signature ID: 6128

FTP SITE ZIPCHK command Buffer overflow Vulnerabilty

Threat Level: Information

Industry ID: CVE-2000-0040 Bugtraq: 891

Signature Description: Some of the FTP servers are prone to buffer overruns when handling data supplied to the SITE

ZIPCHK command. An FTP user who supplies excessive input to this command could potentially execute arbitrary

code in the context of the server or cause a denial of service.The issue exists due to lack of sufficient boundary checks

performed on user-supplied data.

Signature ID: 6129

FTP SITE command Buffer overflow Vulnerability

Threat Level: Critical

Industry ID: CVE-1999-0838 CVE-2001-0755 CVE-2001-0770 Bugtraq: 2782,859

Signature Description: Some of the FTP servers are prone to buffer overruns when handling data supplied to the SITE

command. An FTP user who supplies excessive input to this command could potentially execute arbitrary code in the

context of the server or cause a denial of service.The issue exists due to lack of sufficient boundary checks performed

on user-supplied data.

Signature ID: 6130

FTP STOR command buffer overflow Vulnerability

Threat Level: Critical

Industry ID: CVE-2000-0133 CVE-2003-0466 CVE-2003-1327 Bugtraq: 8668 Nessus: 14371

Signature Description: Some of the FTP servers are prone to buffer overruns when handling data supplied to the STOR

FTP command. An FTP user who supplies excessive input to this command could potentially execute arbitrary code in

the context of the server or cause a denial of service.The issue exists due to lack of sufficient boundary checks

performed on user-supplied data.

Signature ID: 6131

FTP STOU command buffer overflow Vulnerability

Threat Level: Critical

Industry ID: CVE-2003-0466

Bugtraq: 8315 Nessus: 12413,11811

Signature Description: Some of the FTP servers are prone to buffer overruns when handling data supplied to the STOU

FTP command. An FTP user who supplies excessive input to this command could potentially execute arbitrary code in

the context of the server or cause a denial of service.The issue exists due to lack of sufficient boundary checks

performed on user-supplied data.

Signature ID: 6132

FTP USER command format string Vulnerability

Threat Level: Information

Industry ID: CVE-2004-0277 CVE-2004-2074 Bugtraq: 7474,7776,9402,9600,9800

Signature Description: Format string vulnerability in some FTP servers allows remote attackers to cause a denial of

service (crash) and possibly execute arbitrary code via format string specifiers in the USER command.

Signature ID: 6133

FTP USER command Buffer overflow Vulnerability

Threat Level: Critical

Industry ID: CVE-2000-0479

CVE-2000-0656 CVE-2000-0943 CVE-2000-1035 CVE-2000-1194 CVE-2001-0794

CVE-2001-0826

CVE-2002-0126 CVE-1999-1519 CVE-1999-1539 Bugtraq: 1504,1690,4638,3884