TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
The effects of this vulnerability vary, depending on the exact versions of Windows NT and CiscoSecure ACS on the
server. Administrators are advised to close port 2002 to external users.
Signature ID: 10105
MySQL Authentication Bypass Using Zero Length Scrambled String
Threat Level: Warning
Industry ID: CVE-2004-0627 Bugtraq: 10654
Signature Description: MySQL is a freely distributed relational database server often used as a back-end for several
applications. A vulnerability exists in MySQL that allows a remote user to bypass the MySQL password
authentication mechanism entirely and authenticate as a MySQL user without knowing that user's password. The
vulnerability specifically exists in the check_scramble_323() function, which could allow an attacker to bypass
authentication by supplying a "passwd_len" value of NULL. By modifying the MySQL client library, a specifically
constructed Login packet with a known user name can bypass the authentication mechanism. Administrators are
advised to upgrade to a newer version.
Signature ID: 10106
MySQL Long Scrambled Password String Stack Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-2004-0628 Bugtraq: 10655
Signature Description: MySQL is a freely distributed relational database server often used as a back-end for several
applications. A stack-based buffer overflow vulnerability exists in MySQL that allows a remote user to crash the
MySQL server or cause execution of arbitrary code. The vulnerability specifically exists in the check_scramble_323()
function: when supplied with a specially crafted large scrambled string, it overflows the buffer while storing the output
from the my_rnd() function, a pseudo-random number generator. Since the output characters are in the range 0x40..0x5f, it is
difficult to exploit this vulnerability, though on some platforms code execution may be possible. Administrators are
advised to upgrade to a newer version.
Signature ID: 10119
LinuxConf grants network access
Threat Level: Information
Industry ID: CVE-2000-0017 Nessus: 10135
Signature Description: Linuxconf, a sophisticated administration tool for Linux, can grant network access
at least to the host nessusd is running on. LinuxConf is suspected to contain various buffer overflows, so it is
recommended to disable this service.
Signature ID: 10122
Access to Vulnerable McAfee myCIO server
Threat Level: Information
Nessus: 10707
Signature Description: McAfee's myCIO HTTP Server provides other clients on the network with antivirus updates.
Several security vulnerabilities have been found in the past in the myCIO product. It is advisable to block access
to this server from external networks.
Signature ID: 10124
A Nessus Daemon is running
Threat Level: Information
Nessus: 10147
Signature Description: An attacker can use the Nessus Daemon to scan other sites, or to further dig into the network to