TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
Signature ID: 562
Red Hat Linux Apache Remote Username Enumeration Vulnerability
Threat Level: Critical
Industry ID: CVE-2001-1013 Bugtraq: 3335 Nessus: 10766
Signature Description: Apache is a freely distributed open source Web server. It runs on Unix, Linux, Solaris and
Windows operating systems. This rule triggers when a request is made for a user's default home page. One of three
messages is displayed depending on whether the specified user name exists and has a home page configured, exists and
has no home page configured, or does not exist on the system. An attacker can use this vulnerability to determine valid
usernames on the system. The affected versions are Apache HTTP server and RedHat Linux 7.0. No remedy available
as of September, 2008. This rule detects when the user name is 'root'.
Signature ID: 563
Red Hat Linux Apache Remote Username Enumeration Vulnerability(1)
Threat Level: Critical
Industry ID: CVE-2001-1013 Bugtraq: 3335 Nessus: 10766
Signature Description: Apache is a freely distributed open source Web server. It runs on Unix, Linux, Solaris and
Windows operating systems. This rule triggers when a request is made for a user's default home page. One of three
messages is displayed depending on whether the specified user name exists and has a home page configured, exists and
has no home page configured, or does not exist on the system. An attacker can use this vulnerability to determine valid
usernames on the system. The affected versions are Apache HTTP server and RedHat Linux 7.0. No remedy available
as of September, 2008. This signature detects when the username is 'ann_foo_fighter'.
Signature ID: 564
Cisco Catalyst Web Execution vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0945 Bugtraq: 1846 Nessus: 10545
Signature Description: The Cisco Catalyst 3500 Series XL is a scalable line of stackable 10/100 and Gigabit Ethernet
switches. The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary
commands without authentication when the enable password is not set, via a URL containing '/exec/' as in
/exec/show/config/cr. An attacker may use this flaw to cut your network access to the Internet, and may even lock you
out of the router.
Signature ID: 566
Tektronix PhaserLink Webserver Vulnerability
Threat Level: Information
Industry ID: CVE-1999-1508 CVE-2001-0484 Bugtraq: 2659,806 Nessus: 10146
Signature Description: Tektronix PhaserLink printers ship with a web server designed to help facilitate configuration of
the device. It can also completely modify the system characteristics, restart the machine, assign services etc. This rule
triggers when an attacker calls undocumented URLs such as ncl_items.html. The ncl_items.html file exists on the
remote system. This file allows an attacker to reconfigure the Tektronix printer. An attacker can use this vulnerability to
gain administrator access. The affected version of Tektronix PhaserLink Printer is 840.0 and earlier.
Signature ID: 567
Cabletron Web View Administrative Access vulnerability
Threat Level: Warning
Nessus: 10962
Signature Description: Cabletron webview network management tool allows network managers to access a wide range
of functions from a point-and-click world wide web interface. This web software provides a graphical, real-time