ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
Signature ID: 706
Weblogic FileServlet Show Code Vulnerability
Threat Level: Information
Industry ID: CVE-2000-0682 Bugtraq: 1518 Nessus: 11724
Signature Description: BEA Systems WebLogic Server is an enterprise-level web and wireless application server. It
provides easily surfaced diagnostics information, a GUI administration console, and command-line scripting. BEA
WebLogic Server version 5.x contains a flaw that may lead to unauthorized information disclosure. The issue is
triggered when a user sends a request prefixed with /ConsoleHelp/, which invokes FileServlet and lets the user
view the source of documents under the Web document root directory. The issue is fixed in WebLogic
Server 6.0 SP2 and 6.1 SP2. Administrators are advised to update to the latest version of WebLogic Server (6.0 SP2 and 6.1
SP2), available at the vendor's website.
Signature ID: 708
PMachine Lib.Inc.PHP Remote Include Command Execution Vulnerability
Threat Level: Information
Industry ID: CVE-2003-1086 Bugtraq: 7919 Nessus: 11739
Signature Description: PMachine is a web content management system. It is available for the Unix and Linux operating
systems. PMachine version 2.2.1 could allow a remote attacker to include malicious PHP files. This rule triggers
when an attacker sends a specially crafted URL request to the lib.inc.php script, using the ?pm_path variable to
specify a malicious PHP file. An attacker can use this vulnerability to execute arbitrary code on the vulnerable system.
No remedy available as of September, 2008.
Signature ID: 709
Apache Tomcat Servlet Mapping Cross Site Scripting Vulnerability
Threat Level: Information
Industry ID: CVE-2002-0682 Bugtraq: 5193 Nessus: 11041
Signature Description: Apache Tomcat is the servlet container that is used in the official reference implementation for
the Java Servlet and JavaServer Pages technologies. Apache Tomcat version 4.0.3 is vulnerable to cross-site
scripting. This rule triggers when an attacker embeds malicious script within a request that uses the
/servlet/ mapping to invoke various servlets. Successful exploitation of the vulnerability can allow an attacker to execute
arbitrary code in a victim's browser. No remedy available as of September, 2008.
Signature ID: 710
Netscape Enterprise Server Directory Indexing Vulnerability
Threat Level: Information
Industry ID: CVE-2000-0236 Bugtraq: 1063 Nessus: 10352
Signature Description: Netscape Enterprise Server is a web server used to host large-scale websites. This directory is
accessible by remote or local users without any authentication. The affected version of Netscape Enterprise Server is
3.x. Netscape Enterprise Server with directory indexing enabled allows remote attackers to list server directories via
web publishing tags such as ?wp-ver-info and ?wp-cs-dump. An attacker can use this vulnerability to gain unauthorized
access to documents or retrieve lists of file names (such as CGI scripts).
Signature ID: 711
CacheFlow CacheOS Unresolved Domain Cross Site Scripting Vulnerability
Threat Level: Warning
Industry ID: CVE-2002-1060 Bugtraq: 5305,5608
Signature Description: CacheOS is the firmware designed for and distributed with CacheFlow web cache systems.
CacheOS versions 2.1.02 and 4.1.06 are vulnerable to cross-site scripting. The vulnerability is caused by the result