TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
852
Signature ID: 34862
DOS vulnerability on Thomson SIP phone ST 2030 using the To Header
Threat Level: Warning
Industry ID: CVE-2007-4753
Signature Description: Thomson ST2030 IP Phone is a hardphone, which uses the Session Initiation Protocol (SIP)
protocol. It will send an INVITE message which is used to initiate and maintain a communication session. In this
message To header field contains address-of-record of the user or resource that is the target of the request. Attacker will
send message with crafted uri in To field, after receiving this message the device looks functional but in fact does not
respond to any event provoking a DoS. This signature particularly for messages from UAC to UAS when the device
using TCP for transport. No remedy is available.
Signature ID: 34863
DOS vulnerability on Thomson SIP phone ST 2030 using the To Header
Threat Level: Warning
Industry ID: CVE-2007-4753
Signature Description: Thomson ST2030 IP Phone is a hardphone, which uses the Session Initiation Protocol (SIP)
protocol. It will send an INVITE message which is used to initiate and maintain a communication session. In this
message To header field contains address-of-record of the user or resource that is the target of the request. Attacker will
send message with crafted uri in To field, after receiving this message the device looks functional but in fact does not
respond to any event provoking a DoS. This signature particularly for messages from UAS to UAC when the device
using TCP for transport. No remedy is available.
Signature ID: 34864
Sun Solaris printd Arbitrary File Deletion Vulnerability
Threat Level: Severe
Industry ID: CVE-2005-4797 Bugtraq: 14510
Signature Description: Printd is a printer daemon service in Sun solaris, only systems that have the printer package
"SUNWpcu" installed are affected. This is Directory traversal vulnerability, a remote user may be able to delete
arbitrary files from the target system. A local or remote user can exploit an unspecified flaw in the 'printd' daemon to
remove arbitrary files on the target system using Unlink(U) command.
Signature ID: 34865
Novell iManager Tomcat server TREE parameter denial of service vulnerability
Threat Level: Warning
Industry ID: CVE-2006-4517 Bugtraq: 20841
Signature Description: Novell iManager provides a global view of your network from one browser-based tool,
allowing you to pro actively assess and respond to your changing network demands. With iManager, you can manage
Novell Open Enterprise Server, Novell Identity Manager, Novell eDirectory and many other Novell and third-party
services—from a Web browser. Novell iManager 2.5. and prior versions are vulnerable due to improper handling
of HTTP POST requests. This can be exploited to crash the service via a specially crafted HTTP request with an overly
long TREE parameter i.e., more than 256 bytes. Patches are available.
Signature ID: 34866
Symantec Veritas NetBackup CONNECT_OPTIONS Request Handling Buffer Overflow
vulnerability
Threat Level: Warning
Industry ID: CVE-2006-5822
Bugtraq: 21565
Signature Description: Symantec VERITAS NetBackup is a client/server based backup software solution. It is a