Manualshelf

TMS zl Module Release Notes ST.1.2.101122

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
81828384858687888990
81
Known Issues
Release ST.1.0.090603
PR_40292 When a user has a local account on the TMS zl Module and has an account
with the same name on the RADIUS server, the user will always be authenticated to the local
account and no attempt is made to access the RADIUS server, even if the user name includes
the realm, as in username@domain.
PR_40313 When adding a RADIUS server, the administrator can specify a NAS-ID that
accepts a script as input allowing code injection to RADIUS web interface page.
PR_40319 In the log file, log entries with the following message IDs may truncate the
username: 1213, 1214, and 1204. Other information, such as the user's IP address and login
time are displayed correctly.
R_40320 — In the log file, the RADIUS Log message IDs of 4518 and 4512 do not contain
any details. Message ID of 4512 refers to an authentication request being sent to a RADIUS
server (severity is info) and message ID of 4518 refers to a response from the RADIUS server
that was received without any attributes (severity is info).
PR_40321 When a RADIUS authentication fails, the log entry with message ID of 4579
displays the wrong user IP address. The username is displayed correctly.
PR_40340 A trusted administrator is not prevented from adding thousands of RADIUS
server entries in the web browser interface. This large number of RADIUS servers will cause
problems when trying to modify RADIUS settings.
PR_40352 — Adding a RADIUS server into the TMS zl Module by CLI scripting will fail after
a while.
PR_40312 — Log messages with message IDs of 609, 618, 629, and 659 are marked as critical
but should not be critical. They should be a warning.
time="2009-05-08 21:13:47" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="FW: udp packet header
length is less than expected, packets dropped" srczone=INTERNAL
src=192.168.70.100 srcport=0 dstzone=ZONE6 dst=192.168.70.100 dstport=0
proto=UDP subfamid=packetheaderanomaly mtype=attack mid=609
time="2009-05-11 17:32:41" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="FW: tcp packet header
length is less than expected, packets dropped" srczone=ZONE1 src=10.1.10.151
srcport=0 dstzone=SELF dst=10.1.10.6 dstport=0 proto=TCP subfamid=packet-
headeranomaly mtype=attack mid=618
time="2009-05-09 11:06:54" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="Excessive number of TCP
connections with Zero bytes detected, possible TCP connect scan. One of the
possible five tuples are captured in this message" srczone=INTERNAL
src=192.168.1.209 srcport=36940 dstzone=EXTERNAL dst=192.168.2.21
dstport=25 proto=TCP subfamid=tcp-ipportscan mtype=attack mid=629