TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
491
could take complete control of an affected system.All programs that use SSL could be affected. Although SSL is
generally associated with Internet Information Services by using HTTPS and port 443, any service that implements
SSL on an affected platform is likely to be vulnerable. This includes but is not limited to, Microsoft Internet
Information Services 4.0, Microsoft Internet Information Services 5.0, Microsoft Internet Information Services 5.1,
Microsoft Exchange Server 5.5, Microsoft Exchange Server 2000, Microsoft Exchange Server 2003, Microsoft
Analysis Services 2000 (included with SQL Server 2000), and any third-party programs that use PCT (MS04-011)
Signature ID: 14026
Qualcomm Qpopper POP3 Service Buffer Overflow on BSD Systems
Threat Level: Warning
Industry ID: CVE-1999-0006
Bugtraq: 133
Signature Description: Qpopper is a post office protocol (POP) server used for downloading internet e-mail. This rule
gets hit when an attempt is made to exploit a buffer overflow associated with Qualcomm qpopper POP3 service
versions prior to 2.5 on linux systems. The vulnerability exists in the way qpopper handles user supplied input for a
number of pop commands, including, but not limited to, USER, PASS, as well as any line containing in excess of 1024
characters. Upgrade the latest version available from vendors web site.
Signature ID: 14027
Qualcomm Qpopper POP3 Service Buffer Overflow on SCO Unix systems
Threat Level: Warning
Industry ID: CVE-1999-0006 Bugtraq: 156,133
Signature Description: Qpopper is a post office protocol (POP) server used for downloading internet e-mail. This rule
gets hit when an attempt is made to exploit a buffer overflow associated with Qualcomm qpopper POP3 service
versions prior to 2.5 on Unix systems. The vulnerability exists in the way qpopper handles user supplied input for a
number of pop commands, including, but not limited to, USER, PASS, as well as any line containing in excess of 1024
characters. Upgrade the latest version available from vendors web site.
Signature ID: 14028
Qualcomm Qpopper POP3 Service Buffer Overflow on BSD Systems
Threat Level: Warning
Industry ID: CVE-1999-0006 Bugtraq: 133
Signature Description: Qpopper is a post office protocol (POP) server used for downloading internet e-mail. This rule
gets hit when an attempt is made to exploit a buffer overflow associated with Qualcomm qpopper POP3 service
versions prior to 2.5 on BSD systems. The vulnerability exists in the way qpopper handles user supplied input for a
number of pop commands, including, but not limited to, USER, PASS, as well as any line containing in excess of 1024
characters. Upgrade the latest version available from vendors web site.
Signature ID: 14029
/bin/sh string on POP3 traffic
Threat Level: Warning
Signature Description: This rule looks for a piece of shell code (executable code) that is used to generate shell
(/bin/sh). Traffic which includes strings like this can be treated as an attempt to exploit a known vulnerability in the
POP3 service.
Signature ID: 14999
POP(3) Request Command Buffer Overflow Vulnerability
Threat Level: Information
Industry ID: CVE-2000-0096 CVE-1999-0006 CVE-2000-0060 CVE-2000-0841 CVE-2000-0583 CVE-1999-1511
CVE-1999-0920
Bugtraq: 948,1484 Nessus: 10197,10184,10196,10206,10257,10559,10463,10325,10469