TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
932
suffer from this vulnerability.This signature detects non SSL traffic over TCP port 684 (CORBA IIOP SSL) which is
known to be used for SSL communication.
Signature ID: 35349
Open SSL unknown message type vulnerability
Threat Level: Warning
Industry ID: CVE-2004-0081
Bugtraq: 9899
Signature Description: Secure Sockets Layer (SSL) is a cryptographic protocol that provide secure communication on
the Internet for various services such as web browsing, e-mail, Internet faxing, instant messaging,etc. OpenSSL is an
open source implementation of the SSL and TLS protocols. The core library (written in the C programming language)
implements the basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the
OpenSSL library in a variety of computer languages are available. It is used by many operating systems and network
devices to reduce development time. OpenSSL 0.9.6 before 0.9.6d do not properly handle unknown message types,
which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS
Test Tool. CISCO IOS is the operating system used on the vast majority of Cisco Systems routers and all current Cisco
network switches.Linux is the name of a Unix-like computer operating system. Many versions of Linux and Cisco IOS
suffer from this vulnerability.This signature detects non SSL traffic over TCP port 994 (ircs -irc protocol over
TLS/SSL) which is known to be used for SSL communication.
Signature ID: 35350
Cisco Works Application Privilage escalation Vulnerability
Threat Level: Warning
Industry ID: CVE-2003-0731 Bugtraq: 8412
Signature Description: CiscoWorks LAN Management Solution (LMS) is a suite of powerful management tools that
simplify the configuration, administration, monitoring, and troubleshooting of Cisco networks. CiscoWorks Common
Management Foundation (CMF), also packaged as part of CiscoWorks CD One, provides an application infrastructure
foundation, allowing all CiscoWorks applications to share a common model for data storage, login, user role
definitions, access privileges, and security protocols, as well as for navigation and launch management. CiscoWorks
Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a
certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a
modifyUser value and a modified "priviledges" parameter.
Signature ID: 35351
Cisco Works Application Privilage escalation Vulnerability
Threat Level: Warning
Industry ID: CVE-2003-0732
Bugtraq: 8412
Signature Description: CiscoWorks LAN Management Solution (LMS) is a suite of powerful management tools that
simplify the configuration, administration, monitoring, and troubleshooting of Cisco networks. CiscoWorks Common
Management Foundation (CMF), also packaged as part of CiscoWorks CD One, provides an application infrastructure
foundation, allowing all CiscoWorks applications to share a common model for data storage, login, user role
definitions, access privileges, and security protocols, as well as for navigation and launch management. CiscoWorks
Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and
possibly gain administrative privileges by changing the "guest" user to the "admin" user by sending a crafted post
request.
Signature ID: 35352
SNMP HMAC Authentication bypass Vulnerability
Threat Level: Critical
Industry ID: CVE-2008-0960 Bugtraq: 29623