ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature Description: CVS (Concurrent Versions System) is an open-source source code management and distribution
system available for most Linux and Unix-based operating systems. The CVS server component contains a "double-free"
vulnerability that can be triggered by a set of specially crafted directory change requests. While processing these
requests, an error checking routine may attempt to free() the same memory reference more than once. Deallocating the
already freed memory can lead to heap corruption, which may be leveraged by an attacker to execute arbitrary code.
The CVS server process is commonly started by the Internet services daemon (inetd) and run with root privileges.
Depending on configuration, operating system, and platform architecture, a remote attacker with anonymous read-only
access to a vulnerable CVS server could execute arbitrary code, read sensitive information, or cause a denial of
service. CVS 1.11.4 and earlier are vulnerable to this attack.
Signature ID: 12308
CVS Directory Request Double Free Heap Corruption Vulnerability
Threat Level: Information
Industry ID: CVE-2003-0015 Bugtraq: 6650
Signature Description: CVS (Concurrent Versions System) is an open-source source code management and distribution
system available for most Linux and Unix-based operating systems. The CVS server component contains a "double-free"
vulnerability that can be triggered by a set of specially crafted directory change requests. While processing these
requests, an error checking routine may attempt to free() the same memory reference more than once. Deallocating the
already freed memory can lead to heap corruption, which may be leveraged by an attacker to execute arbitrary code.
The CVS server process is commonly started by the Internet services daemon (inetd) and run with root privileges.
Depending on configuration, operating system, and platform architecture, a remote attacker with anonymous read-only
access to a vulnerable CVS server could execute arbitrary code, read sensitive information, or cause a denial of service.
This rule triggers when an invalid CVS directory request is made.
Signature ID: 12309
CVS invalid module response
Threat Level: Information
Signature Description: CVS (Concurrent Versions System) is an open-source source code management and distribution
system available for most Linux and Unix-based operating systems. This rule detects CVS invalid module response
messages.
Signature ID: 12310
CVS invalid repository response
Threat Level: Information
Signature Description: CVS (Concurrent Versions System) is an open-source source code management and distribution
system available for most Linux and Unix-based operating systems. This rule detects CVS invalid repository response.
Signature ID: 12312
CVS invalid user authentication response
Threat Level: Information
Signature Description: CVS (Concurrent Versions System) is an open-source source code management and distribution
system available for most Linux and Unix-based operating systems. This rule detects a CVS user authentication failure
event.
Signature ID: 12313
CVS missing cvsroot response
Threat Level: Information
Signature Description: CVS (Concurrent Versions System) is an open-source source code management and distribution
system available for most Linux and Unix-based operating systems. This rule tries to detect missing cvsroot