TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
741
booted.This web server is reportedly vulnerable to a stack-based buffer overflow that can be triggered by an overlong
HTTP request.The overflow can be exploited to execute arbitrary code with the privileges of the server process.
Signature ID: 32644
EIQnetworks Network Security Analyzer DataCollector (ADDENTRY) DoS
Threat Level: Critical
Industry ID: CVE-2007-0228 Bugtraq: 21994
Signature Description: EIQ Networks Network Security Analyzer is vulnerable to a denial of service, A vulnerability
has been identified in EIQ Networks Network Security Analyzer, which could be exploited by remote attackers to
cause a denial of service.This issue is due to an error in the DataCollector service when processing malformed requests
sent to port 10618, which could be exploited by attackers to crash a vulnerable application, creating a denial of service
condition.
Signature ID: 32645
EIQnetworks Network Security Analyzer DataCollector (CONNECTSERVER) DoS
Threat Level: Critical
Industry ID: CVE-2007-0228 Bugtraq: 21994
Signature Description: EIQnetworks SecureVue enterprise Security management(ESM) solution delivers next-
generation security information and compliance management from an integrated platform. EIQ Networks Network
Security Analyzer is a denial of service vulnerability, caused by a null pointer dereference in the DataCollection
service. This Signature will trigger when an attacker send specially-crafted data containing via a CONNECTSERVER
string to TCP port 10618. The successful exploitation may allow an attacker to cause the DataCollection service to
crash. No remedy available as of October, 2008.
Signature ID: 32646
EIQnetworks Network Security Analyzer DataCollector (FIN) DoS
Threat Level: Critical
Industry ID: CVE-2007-0228 Bugtraq: 21994
Signature Description: The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers
to cause a denial of service and restart the DataCollector service by sending specially crafted data containing via a (1)
CONNECTSERVER (2) ADDENTRY (3) &FIN& (4) START (5) LOGPATH (6) FWADELTA (7) FWALOG (8)
SETSYNCHRONOUS (9)SETPRGFILE, or (10) SETREPLYPORT string to TCP port 10618, which triggers a NULL
pointer dereference.The vulnerability is confirmed in version 4.6. Other versions may also be affected.
Signature ID: 32647
EIQnetworks Network Security Analyzer DataCollector (FWALOG) DoS
Threat Level: Critical
Industry ID: CVE-2007-0228
Bugtraq: 21994
Signature Description: EIQnetworks SecureVue enterprise Security management(ESM) solution delivers next-
generation security information and compliance management from an integrated platform. EIQ Networks Network
Security Analyzer is a denial of service vulnerability, caused by a null pointer dereference in the DataCollection
service. This Signature will trigger when an attacker send specially-crafted data containing via a 'FWALOG' string to
TCP port 10618. The successful exploitation may allow an attacker to cause the DataCollection service to crash. No
remedy available as of October, 2008.
Signature ID: 32648
EIQnetworks Network Security Analyzer DataCollector (LOGPATH) DoS
Threat Level: Critical
Industry ID: CVE-2007-0228
Bugtraq: 21994