TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
925
Signature ID: 35322
Cisco IOS SNMP Message Processing vulnerability
Threat Level: Warning
Industry ID: CVE-2004-0714
Bugtraq: 10186
Signature Description: The Simple Network Management Protocol (SNMP) defines a standard mechanism for remote
management and monitoring of devices in an Internet Protocol (IP) network. A device or host that supports SNMP is an
SNMP entity. There are two classes of SNMP entities: SNMP managers that request information and receive
unsolicited messages and SNMP agents that respond to requests and send unsolicited messages.There are two classes of
SNMP operations: solicited operations such as 'get' or 'set', with which the SNMP manager requests or changes the
value of a managed object on an SNMP agent; and unsolicited operations such as 'trap' or 'inform' messages with which
the SNMP agent provides an unsolicited notification or alarm message to the SNMP manager.CISCO IOS is the
operating system used on the vast majority of Cisco Systems routers and all current Cisco network switches. CISCO
IOS 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly
chosen UDP port), which allows remote attackers to cause a denial of service through device reload and memory
corruption. This signature detects SNMP V3 attack vectors to port 162.
Signature ID: 35323
Cisco IOS SNMP Message Processing vulnerability
Threat Level: Warning
Industry ID: CVE-2004-0714 Bugtraq: 10186
Signature Description: The Simple Network Management Protocol (SNMP) defines a standard mechanism for remote
management and monitoring of devices in an Internet Protocol (IP) network. A device or host that supports SNMP is an
SNMP entity. There are two classes of SNMP entities: SNMP managers that request information and receive
unsolicited messages and SNMP agents that respond to requests and send unsolicited messages.There are two classes of
SNMP operations: solicited operations such as 'get' or 'set', with which the SNMP manager requests or changes the
value of a managed object on an SNMP agent; and unsolicited operations such as 'trap' or 'inform' messages with which
the SNMP agent provides an unsolicited notification or alarm message to the SNMP manager.CISCO IOS is the
operating system used on the vast majority of Cisco Systems routers and all current Cisco network switches. CISCO
IOS 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly
chosen UDP port), which allows remote attackers to cause a denial of service through device reload and memory
corruption. This signature detects SNMP V1 attack vectors to randomly chosen UDP port.
Signature ID: 35324
Cisco IOS SNMP Message Processing vulnerability
Threat Level: Warning
Industry ID: CVE-2004-0714 Bugtraq: 10186
Signature Description: The Simple Network Management Protocol (SNMP) defines a standard mechanism for remote
management and monitoring of devices in an Internet Protocol (IP) network. A device or host that supports SNMP is an
SNMP entity. There are two classes of SNMP entities: SNMP managers that request information and receive
unsolicited messages and SNMP agents that respond to requests and send unsolicited messages.There are two classes of
SNMP operations: solicited operations such as 'get' or 'set', with which the SNMP manager requests or changes the
value of a managed object on an SNMP agent; and unsolicited operations such as 'trap' or 'inform' messages with which
the SNMP agent provides an unsolicited notification or alarm message to the SNMP manager.CISCO IOS is the
operating system used on the vast majority of Cisco Systems routers and all current Cisco network switches. CISCO
IOS 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly
chosen UDP port), which allows remote attackers to cause a denial of service through device reload and memory
corruption. This signature detects SNMP V2 attack vectors to randomly chosen UDP port.