TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature ID: 35319
Cisco Secure ACS for Windows NT Server Denial of Service Vulnerability
Threat Level: Severe
Industry ID: CVE-2000-1054 Bugtraq: 1705
Signature Description: Cisco Secure Access Control Server (ACS) is an access policy control platform. It supports
multiple scenarios simultaneously, including device administration (AAA), remote access (VPN and other), wireless
authentication and authorization, and network admission control. Cisco Secure Access Control Server (ACS) for
Windows releases up to and including 2.6.x and ACS 3.0.1 (build 40) contain two vulnerabilities. By connecting to port
2002 and sending a crafted URL, it is possible, in the less severe case, to kill the CSADMIN module or, in the severe
case, to execute arbitrary user-supplied code. By providing a URL containing formatting symbols (for example, %s, %p),
it is possible to execute user-provided code. By using "..\.." in the URL, it is possible to access data in any directory
outside the Web root directory but on the same hard disk or disk partition. With this technique it is possible to access
only the following file types: html, htm, class, jpg, jpeg or gif. Fixes are available for Cisco Secure Access Control
Server - Windows releases 2.6(4.4) and 3.0.1 (build 40) at the vendor's web site.
Signature ID: 35320
Cisco IOS SNMP Message Processing vulnerability
Threat Level: Warning
Industry ID: CVE-2004-0714 Bugtraq: 10186
Signature Description: The Simple Network Management Protocol (SNMP) defines a standard mechanism for remote
management and monitoring of devices in an Internet Protocol (IP) network. A device or host that supports SNMP is an
SNMP entity. There are two classes of SNMP entities: SNMP managers, which request information and receive
unsolicited messages, and SNMP agents, which respond to requests and send unsolicited messages. There are two classes
of SNMP operations: solicited operations such as 'get' or 'set', with which the SNMP manager requests or changes the
value of a managed object on an SNMP agent; and unsolicited operations such as 'trap' or 'inform' messages, with which
the SNMP agent provides an unsolicited notification or alarm message to the SNMP manager. Cisco IOS is the
operating system used on the vast majority of Cisco Systems routers and all current Cisco network switches. Cisco
IOS 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly
chosen UDP port), which allows remote attackers to cause a denial of service through device reload and memory
corruption. This signature detects SNMP V1 attack vectors to port 162.
Signature ID: 35321
Cisco IOS SNMP Message Processing vulnerability
Threat Level: Warning
Industry ID: CVE-2004-0714 Bugtraq: 10186
Signature Description: The Simple Network Management Protocol (SNMP) defines a standard mechanism for remote
management and monitoring of devices in an Internet Protocol (IP) network. A device or host that supports SNMP is an
SNMP entity. There are two classes of SNMP entities: SNMP managers, which request information and receive
unsolicited messages, and SNMP agents, which respond to requests and send unsolicited messages. There are two classes
of SNMP operations: solicited operations such as 'get' or 'set', with which the SNMP manager requests or changes the
value of a managed object on an SNMP agent; and unsolicited operations such as 'trap' or 'inform' messages, with which
the SNMP agent provides an unsolicited notification or alarm message to the SNMP manager. Cisco IOS is the
operating system used on the vast majority of Cisco Systems routers and all current Cisco network switches. Cisco
IOS 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly
chosen UDP port), which allows remote attackers to cause a denial of service through device reload and memory
corruption. This signature detects SNMP V2 attack vectors to port 162.