TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
85
server will no longer answer requests to port 80 resulting in a denial of service. This signature detects access to first
connected parallel port.
Signature ID: 584
MS-DOS Device Names Denial of Service Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0386 CVE-2001-0493 CVE-2001-0391 CVE-2001-0558 CVE-2002-0200 CVE-2000-01
CVE-2003-0016 CVE-2001-0602 CVE-2003-0421 CVE-2003-0502 Bugtraq:
1043,2575,2608,2622,2649,2704,3929,6659,6662 Nessus: 10930
Signature Description: This rule tries to detect DOS Device Name (DDN) DoS vulnerability for DOS Based Operating
Systems like MSDOS, Windows 95, 98. DOS device names (DDNs) are reserved names for common input and output
devices. For example, AUX (First connected serial port), CON (Keyboard and screen), CLOCK$ etc., These DOS-
devices can be accessed through web server and if this is done, a process will be opened to handle the execution of
particular device driver. The vulnerability is that this processing did not finish and if some more requests have been
made, the server will no longer answer requests to port 80 resulting in a denial of service. This signature detects access
to CLOCK$ device name.
Signature ID: 585
MS-DOS Device Names Denial of Service Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0386 CVE-2001-0493 CVE-2001-0391 CVE-2001-0558 CVE-2002-0200 CVE-2000-01
CVE-2003-0016 CVE-2001-0602 CVE-2003-0421 CVE-2003-0502 Bugtraq:
1043,2575,2608,2622,2649,2704,3929,6659,6662 Nessus: 10930
Signature Description: This rule tries to detect DOS Device Name (DDN) DoS vulnerability for DOS Based Operating
Systems like MSDOS, Windows 95, 98. DOS device names (DDNs) are reserved names for common input and output
devices. For example, AUX (First connected serial port), COM1 (Serial port) etc., These DOS-devices can be accessed
through web server and if this is done, a process will be opened to handle the execution of particular device driver. The
vulnerability is that this processing did not finish and if some more requests have been made, the server will no longer
answer requests to port 80 resulting in a denial of service. This signature detects access to Serial port 1.
Signature ID: 586
MS-DOS Device Names Denial of Service Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0386
CVE-2001-0493 CVE-2001-0391 CVE-2001-0558 CVE-2002-0200 CVE-2000-01
CVE-2003-0016
CVE-2001-0602 CVE-2003-0421 CVE-2003-0502 Bugtraq:
1043,2575,2608,2622,2649,2704,3929,6659,6662 Nessus: 10930
Signature Description: This rule tries to detect DOS Device Name (DDN) DoS vulnerability for DOS Based Operating
Systems like MSDOS, Windows 95, 98. DOS device names (DDNs) are reserved names for common input and output
devices. For example, AUX (First connected serial port), COM2 (Serial port) etc., These DOS-devices can be accessed
through web server and if this is done, a process will be opened to handle the execution of particular device driver. The
vulnerability is that this processing did not finish and if some more requests have been made, the server will no longer
answer requests to port 80 resulting in a denial of service. This signature detects access to Serial port 2.
Signature ID: 587
MS-DOS Device Names Denial of Service Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0386
CVE-2001-0493 CVE-2001-0391 CVE-2001-0558 CVE-2002-0200 CVE-2000-01
CVE-2003-0016 CVE-2001-0602 CVE-2003-0421 CVE-2003-0502 Bugtraq:
1043,2575,2608,2622,2649,2704,3929,6659,6662 Nessus: 10930
Signature Description: This rule tries to detect DOS Device Name (DDN) DoS vulnerability for DOS Based Operating