TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
840
different types of IPv4 packets containing a specially crafted IP option. Successful exploitation of this vulnerability
may allow an attacker to execute arbitrary code on an affected device or create a denial-of-service condition. This
signature detects attack vectors on Pragmatic General Multicast packets.
Signature ID: 34788
Cisco IOS Crafted IP Option Vulnerability
Threat Level: Warning
Industry ID: CVE-2007-0480 Bugtraq: 22211
Signature Description: The Internet Protocol (IP) is a protocol used for communicating data across a packet-switched
internetwork using the TCP/IP suite of protocols. Internet Protocol version 4 (IPv4) is the fourth iteration of the
Internet Protocol (IP) and it is the first version of the protocol to be widely deployed. IPv4 is the dominant network
layer protocol on the Internet. The creators of IPv4 included the ability to add options that provide additional flexibility
in how IP handles datagrams. The IP datagram may contain zero or more options, which makes the total length of the
Options field in the IP header variable. CISCO IOS is the operating system used on the vast majority of Cisco Systems
routers and all current Cisco network switches. A vulnerability exists in the way Cisco IOS processes a number of
different types of IPv4 packets containing a specially crafted IP option. Successful exploitation of this vulnerability
may allow an attacker to execute arbitrary code on an affected device or create a denial-of-service condition. This
signature detects attack vectors on Protocol Independent Multicast version 2 packets.
Signature ID: 34789
Cisco ACS Windows CSAdmin Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2003-0210
Signature Description: Cisco Secure Access Control Server(ACS) is a high-performance, highly scalable,centralized
user access control framework. It supports centralized access and audit for dial access server, VPN and firewall, and IP
voice(VoIP) solutions,as well as user based on standard IEEE 802.1x for wireless users of Cisco Aironet 350 wireless
integration solution. Cisco Secure ACS versions 2.6.4 , 3.0.3, and 3.1.1 are vulnerable to a stack based buffer over flow
via sending long user request to login.exe. A successful exploitation of this issue will allow an attacker to execute
arbitrary commands. This issue is fixed in ACS for Windows versions 3.0.4, 3.1.2, and later. Administrators are
advised to update latest version.
Signature ID: 34790
Cisco CNS Netflow Collection Engine Default Password vulnerability
Threat Level: Warning
Industry ID: CVE-2007-2282
Bugtraq: 23647
Signature Description: The Cisco Network Services (CNS) NetFlow Collection Engine (NFC) is a software package
for supported UNIX platforms and is used to collect and monitor NetFlow accounting data for network devices such as
routers and switches. The Cisco Network Services (CNS) NetFlow Collection Engine (NFC) contains a default
password. Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 is vulnerable to a gain access.
A successful exploitation of this issue will allow an attacker to modify the application configuration and gain user
access to the target host operating system. This issue is fixed in 6.0 or later version. Administrators are advised to
update the latest version to resolve this issue. This signature specifically triggers using UDP service.
Signature ID: 34791
Cisco CNS Netflow Collection Engine Default Password vulnerability
Threat Level: Warning
Industry ID: CVE-2007-2282
Bugtraq: 23647
Signature Description: The Cisco Network Services (CNS) NetFlow Collection Engine (NFC) is a software package
for supported UNIX platforms and is used to collect and monitor NetFlow accounting data for network devices such as