TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
544
SNMP include a list of community names. By allowing remote users access to the SNMP Agent with the well known
public community name manager, remote attackers may gain very valuable information(depending on which MIBs are
installed) about the system and networks they are attacking. Also if a 'writeall' access can be gained, this could be a
huge security hole, enabling attackers to wreck complete havoc, route packets and etc.
Signature ID: 18070
Default community names of the SNMP Agent
Threat Level: Warning
Industry ID: CVE-1999-0517 CVE-1999-0186 CVE-1999-0254 CVE-1999-0516 Bugtraq: 177,6825,2112 Nessus:
10264,10265
Signature Description: The Simple Network Management Protocol (SNMP) is a widespread protocol allowing network
administrators to obtain information on and even configure various network devices remotely. The security options for
SNMP include a list of community names. By allowing remote users access to the SNMP Agent with the well known
public community name agent, remote attackers may gain very valuable information(depending on which MIBs are
installed) about the system and networks they are attacking. Also if a 'writeall' access can be gained, this could be a
huge security hole, enabling attackers to wreck complete havoc, route packets and etc.
Signature ID: 18071
Access by using Default community names of the SNMP Agent
Threat Level: Warning
Industry ID: CVE-1999-0517 CVE-1999-0186 CVE-1999-0516 CVE-1999-0254 Bugtraq: 177,6825,2112 Nessus:
10264,10265
Signature Description: The Simple Network Management Protocol (SNMP) is a widespread protocol allowing network
administrators to obtain information on and even configure various network devices remotely. The security options for
SNMP include a list of community names. By allowing remote users access to the SNMP Agent with the well known
public community name all, remote attackers may gain very valuable information(depending on which MIBs are
installed) about the system and networks they are attacking. Also if a 'writeall' access can be gained, this could be a
huge security hole, enabling attackers to wreck complete havoc, route packets and etc.
Signature ID: 18072
Default community names of the SNMP Agent (ILMI)
Threat Level: Warning
Industry ID: CVE-1999-0517 CVE-1999-0186 CVE-1999-0254 CVE-1999-0516 Bugtraq: 177,6825,2112 Nessus:
10264,10265
Signature Description: The Simple Network Management Protocol (SNMP) is a widespread protocol allowing network
administrators to obtain information on and even configure various network devices remotely. The security options for
SNMP include a list of community names. By allowing remote users access to the SNMP Agent with the well known
public community name ILMI, remote attackers may gain very valuable information(depending on which MIBs are
installed) about the system and networks they are attacking. Also if a 'writeall' access can be gained, this could be a
huge security hole, enabling attackers to wreck complete havoc, route packets and etc.
Signature ID: 18073
Malformed SNMP Message-Handling Vulnerabilities TCP, Destination Port 705
Threat Level: Warning
Industry ID: CVE-2002-0013
Signature Description: SNMP request messages are sent from managers to agents. Request messages might be issued
to obtain information from an agent or to instruct the agent to configure the host device. SNMP agents must properly
decode request messages and process the resulting data. Multiple vulnerabilities are present in the way many SNMP
agents decode and process SNMP request messages. Vulnerabilities in the SNMPv1 request handling of a large number