Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
71727374757677787980
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
75
service attack. It suffers from a buffer overflow error in the SSL handshaking code that causes it to crash when the
buffer is overrun.
Signature ID: 424
Nortel Contivity HTTP Server DoS vulnerability
Threat Level: Severe
Industry ID: CVE-2000-0064 CVE-2000-0063 Bugtraq: 938 Nessus: 10160
Signature Description: Nortel Contivity series network devices (extranet switches) ships with an httpd (to provide an
interface for remote administration) which runs on top of VxWorks.The cgiproc CGI script in Nortel Contivity HTTP
server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. If
metacharacters such as "!", or "$" are passed to cgiproc, the system will crash (because the characters are not escaped).
Signature ID: 425
Oracle Web Server 2.1 DoS vulnerability
Threat Level: Severe
Industry ID: CVE-1999-1068 Nessus: 10171
Signature Description: Oracle Web Server version 2.1 is vulnerable to a denial of service attack. It is possible to make
the remote web server crash by supplying a long argument to the cgi /ews-bin/fnord. An attacker may use this flaw to
prevent access to web site.
Signature ID: 426
Real Networks RealServer View-Source DoS Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0474 Bugtraq: 1288 Nessus: 10461
Signature Description: RealNetworks RealServer Helix Server is the only multi-format, cross platform streaming
server for delivering the highest quality experience to wired and wireless devices. It is vulnerable to a denial of service.
A remote attacker can crash the RealServer 7.0 by sending a request for a file with no specified variable set, making it
necessary to restart the server, the attacker sends the GET request with the uri /viewsource/template.html? to Real
Server.The vulnerability can be recreated by sending certain information to the RealServer HTTP default TCP port
8080, where after the service processes this information it will stop responding. The vulnerable platforms are Real
Networks Real Server 7.0.0, 7.0.1 and 8.0.0Beta.
Signature ID: 427
Xylogics/Bay Annex Ping CGI Overflow vulnerability
Threat Level: Warning
Industry ID: CVE-CVE-1999-1070
Signature Description: Bay Networks, a Nortel Networks subsidiary, acquired and supports a terminal server solution
from Xylogics called an Annex server. Annex servers allow remote users to obtain dialup connections to a network,
they also potentially allow network clients to dial out of the network, and are thus coveted targets for attackers. Some
versions of the Annex software are susceptible to a denial of service attack involving the server's built-in web server.
Vulnerable Annex versions support a "ping" CGI program which, when fed overly-long queries, overflows an internal
buffer and disables the entire access server.
Signature ID: 428
ETL Delegate Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0165 Bugtraq: 808 Nessus: 10054
Signature Description: DeleGate is a multi-purpose application level gateway, or a proxy server which runs on multiple
platforms (Unix, Windows, MacOS X and OS/2.Delegate is a versatile application-level proxy and it is written in a