ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
response. The source code of software in the repository may be compromised by a successful attacker who could choose
to insert malicious code of his own making. For CVS daemons running under changed root conditions (chroot), the rest
of the operating system files may be protected, but the entire CVS directory structure and its contents are vulnerable.
Signature ID: 12314
CVS Access from Outside Detected
Threat Level: Information
Industry ID: CVE-2003-0977 Bugtraq: 9178
Signature Description: CVS (Concurrent Versions System) is an open-source source code management and distribution
system available for most Linux and Unix-based operating systems. CVS suffers from many vulnerabilities. CVS
versions prior to 1.11.10 could allow a remote attacker to create files on the system. By sending a malformed module
request, a remote attacker could create directories and files in the filesystem root. CVS versions 1.11.4 and earlier could
allow a remote attacker to cause dynamically allocated memory segments to be released twice. An attacker may
potentially take advantage of this issue to cause heap memory to be corrupted with attacker-supplied values, which may
result in execution of arbitrary code. Access to CVS from outside should be monitored.
Signature ID: 12315
CVS Malformed Request System Root File Creation Vulnerability
Threat Level: Information
Industry ID: CVE-2003-0977 Bugtraq: 9178
Signature Description: CVS (Concurrent Versions System) is an open-source source code management and distribution
system available for most Linux and Unix-based operating systems. CVS versions prior to 1.11.10 could allow a
remote attacker to create files on the system. By sending a malformed module request, a remote attacker could create
directories and files in the filesystem root.
Signature ID: 12316
GlobalSunTech Access Points Information Disclosure attempt
Threat Level: Information
Industry ID: CVE-2002-2137 Bugtraq: 6100
Signature Description: GlobalSunTech Wireless Access Points WISECOM GL2422AP-0T, and possibly OEM
products such as D-Link DWL-900AP+ B1 2.1 and 2.2, ALLOY GL-2422AP-S, EUSSO GL2422-AP and LINKSYS
WAP11-V2.2, allow remote attackers to obtain sensitive information such as WEP keys, the administrator password, and
the MAC filter via a "getsearch" request to UDP port 27155.
Signature ID: 12317
HP Web JetAdmin ExecuteFile admin access
Threat Level: Information
Bugtraq: 10224
Signature Description: HP JetAdmin software manages HP JetDirect-connected printers using a Web browser.
JetAdmin version 7.5.2546 and possibly other versions could allow a remote attacker to execute arbitrary commands on
the affected system. Successful exploitation of this issue allows a malicious user to execute arbitrary commands on
the affected system through /plugins/framework/script/content.hts with the ExecuteFile pattern.
Signature ID: 12318
HP Web Jetadmin Remote Arbitrary Command Execution Vulnerability
Threat Level: Information
Bugtraq: 9973
Signature Description: HP JetAdmin software manages HP JetDirect-connected printers using a Web browser.
JetAdmin version 7.5.2546 and possibly other versions could allow a remote attacker to execute arbitrary commands on