TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

941

942

943

944

945

946

947

948

949

950

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

941

server that uses the OpenSSL library to cause OpenSSL to crash. This signature detects on service ftp protocol, control,

over TLS/SSL on TCP Port 990.

Signature ID: 35430

Cisco OpenSSL Implementation Vulnerability

Threat Level: Warning

Industry ID: CVE-2004-0079 Bugtraq: 9899

Signature Description: Secure Sockets Layer (SSL) is a protocol used to encrypt the data transferred over a TCP

session. OpenSSL is (OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c) vulnerable to a denial of service Caused by a NULL-pointer

assignment in the "do_change_cipher_spec()" function. A remote attacker can send a specially-crafted handshake to

server that uses the OpenSSL library to cause OpenSSL to crash. This signature detects on service telnet protocol over

TLS/SSL on TCP Port 992.

Signature ID: 35431

Cisco OpenSSL Implementation Vulnerability

Threat Level: Warning

Industry ID: CVE-2004-0079 Bugtraq: 9899

Signature Description: Secure Sockets Layer (SSL) is a protocol used to encrypt the data transferred over a TCP

session. OpenSSL is (OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c) vulnerable to a denial of service Caused by a NULL-pointer

assignment in the "do_change_cipher_spec()" function. A remote attacker can send a specially-crafted handshake to

server that uses the OpenSSL library to cause OpenSSL to crash. This signature detects on service imap4 protocol over

TLS/SSL on TCP Port 993.

Signature ID: 35432

Cisco OpenSSL Implementation Vulnerability

Threat Level: Warning

Industry ID: CVE-2004-0079 Bugtraq: 9899

Signature Description: Secure Sockets Layer (SSL) is a protocol used to encrypt the data transferred over a TCP

session. OpenSSL is (OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c) vulnerable to a denial of service Caused by a NULL-pointer

assignment in the "do_change_cipher_spec()" function. A remote attacker can send a specially-crafted handshake to

server that uses the OpenSSL library to cause OpenSSL to crash. This signature detects on service irc protocol over

TLS/SSL on TCP Port 994.

Signature ID: 35433

Cisco OpenSSL Implementation Vulnerability

Threat Level: Warning

Industry ID: CVE-2004-0079 Bugtraq: 9899

Signature Description: Secure Sockets Layer (SSL) is a protocol used to encrypt the data transferred over a TCP

session. OpenSSL is (OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c) vulnerable to a denial of service Caused by a NULL-pointer

assignment in the "do_change_cipher_spec()" function. A remote attacker can send a specially-crafted handshake to

server that uses the OpenSSL library to cause OpenSSL to crash. This signature detects on service pop3 protocol over

TLS/SSL on TCP Port 995.

Signature ID: 35434

Cisco IOS Malformed BGP Packet Causes Reload Vulnerability

Threat Level: Warning

Industry ID: CVE-2004-0589 Bugtraq: 10560

Signature Description: Cisco IOS (Internetwork Operating System) is the software used on the Cisco System routers

and Cisco network switches. Border Gateway Protocol (BGP) is a routing protocol and designed to manage IP routing