TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
395
a virtual connection between server and client. There is a known vulnerability in /bin/login in telnetd on Sun Solaris
systems. A buffer overflow condition is present in /bin/login used by telnetd that may present an attacker with the
opportunity to execute code of their choice after a successful exploit.
Signature ID: 8106
BSD telnet buffer overflow vulnerability
Threat Level: Information
Industry ID: CVE-2001-0554 CVE-2001-0554 CVE-2004-0911 Bugtraq: 3064,11313
Signature Description: The telnetd program is a server for the Telnet remote virtual terminal protocol. There is a
remotely exploitable buffer overflow in Telnet daemons derived from BSD source code. The 'telrcv' function fails to
perform proper bounds checking. With a specially crafted request, a remote attacker can cause arbitrary code execution
resulting in a loss of integrity. The attacker does not need to login to the server to exploit this vulnerability, only a
connection to the server is needed.
Signature ID: 8107
BSD telnet buffer oveflow response vulnerability
Threat Level: Information
Industry ID: CVE-2001-0554 CVE-2001-0554 CVE-2004-0911 Bugtraq: 3064,11313
Signature Description: The telnetd program is a server for the Telnet remote virtual terminal protocol. There is a
remotely exploitable buffer overflow in Telnet daemons derived from BSD source code. The 'telrcv' function fails to
perform proper bounds checking. With a specially crafted request, a remote attacker can cause arbitrary code execution
resulting in a loss of integrity. The attacker does not need to login to the server to exploit this vulnerability, only a
connection to the server is needed. This rule checks the response of the BSD telnet daemon to the buffer overflow
exploit.
Signature ID: 8108
Telnet set environment variable ld_library_path vulnerability
Threat Level: Information
Industry ID: CVE-1999-0073 Bugtraq: 459
Signature Description: Telnet is the terminal emulation protocol of tcp/ip. Telnet uses the tcp transport protocol to
achieve a virtual connection between server and client. After connecting, Telnet server and client enter a phase of
option negotiation that determines the options that each side can support for the connection. Each connected system can
negotiate new options or renegotiate old options at any time. Attacker attempts to set the environment variable
ld_library_path in a Telnet session, for getting unauthorized superuser access.
Signature ID: 8110
Glibc RESOLV_HOST_CONF File Read Access Vulnerability
Threat Level: Information
Industry ID: CVE-2001-0170 Bugtraq: 2181
Signature Description: Glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF environmental
variable when executing setuid/setgid programs. An attacker can use this vulnerability to gain access to sensitive
information, such as encrypted passwords, which could lead to the compromise of system login accounts. Upgrade to
the latest version of glibc (2.2-12 or later) and available from vendors web site.
Signature ID: 8111
Telnet root account login vulnerability
Threat Level: Information
Signature Description: Telnet is the terminal emulation protocol of tcp/ip. Telnet uses the tcp transport protocol to
achieve a virtual connection between server and client. The telnet server undergoes an attempted login with the