Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
71727374757677787980
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
80
Signature ID: 557
WhatsUp Gold Default Admin Account vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0508 CVE-1999-0508 Nessus: 11004,10747
Signature Description: WhatsUp Gold is an easy-to-use tool for monitoring TCP/IP, NetBIOS, and IPX networks.
whatsUp Gold initiates both visible and audible alarms when monitored devices and system services go down.
WhatsUp Gold provides a web interface so you can view network status from a web browser on any computer on the
Internet. And it has default password for the admin user account. An attacker can use this vulnerability to probe other
systems on the network and obtain sensitive information.
Signature ID: 558
Linksys Router Default Password vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0508 Nessus: 10999,10747
Signature Description: Linksys is a leader in VoIP, Wireless routers and Ethernet networking for home, SOHO and
small business users. It provide effortless and economical sharing of broadband Internet connections, files, printers,
digital music, videos, photos and gaming over a wired or wireless network. By default, Linksys routers install with a
default password. The administrative account has a password 'admin' which is publicly known and documented. An
attacker can use this vulnerability to reconfigure the router and trivially access the program or system.
Signature ID: 559
40X HTML Cross Site Scripting vulnerability
Threat Level: Information
Nessus: 10643
Signature Description: Cross-site scripting is a type of computer security vulnerability typically found in web
applications which allow code injection by malicious web users into the web pages viewed by other users. An exploited
cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. This
signature generates an event when an attacker try to exploit web applications by using
"info('Can%20Cross%20Site%20Attack')" pattern.
Signature ID: 560
Apache /server-info accessible Vulnerability
Threat Level: Information
Nessus: 10678
Signature Description: Apache is an open source Web server that is distributed free. It runs on Unix, Linux, Solairs and
Windows operating systems. This rule triggered when an attacker could requesting the URL '/server-info'. The
successful exploitation can allow an attacker to disclose information about its configuration such as installed modules,
their configuration and assorted run-time settings.
Signature ID: 561
Apache /server-status Information Disclosure Vulnerability
Threat Level: Information
Nessus: 10677
Signature Description: Apache is an open source Web server that is distributed free. It runs on Unix, Linux, Solairs and
Windows operating systems. Server-status is a built-in Apache HTTP Server handler used to retrieve the server's status
report. This rule will triggers when an attacker could send a specially-crafted URL request to the '/server-status' CGI. A
successful exploitation of this will allow an attacker to obtain sensitive information.