Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
11121314151617181920
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
11
successful exploitation of this vulnerability allows an attacker to access sensitive information on the vulnerable system.
This signature specifically detects "nsf" pattern in the traffic sent to the http server.
Signature ID: 62
Access to Domino db sensitive files detected
Threat Level: Warning
Nessus: 10629
Signature Description: The remote Lotus Domino server allows an anonymous user to access sensitive information
such as users, databases, configuration of servers. Lotus Domino server is vulnerable to information disclosure. A
successful exploitation of this vulnerability allows an attacker to access sensitive information on the vulnerable system.
This signature specifically detects "mail.box" pattern in the traffic sent to the http server.
Signature ID: 64
Dumpenv cgi vulnerability
Threat Level: Warning
Industry ID: CVE-1999-1178 Bugtraq: 2255 Nessus: 10060
Signature Description: Sambar server is a multi-threaded, extensible application server with highly programmable API.
It has virtual domain support with independent document/CGI directories, log files, and error templates.'dumpenv.pl' is
a utility that will display environment information on which the server resides.In Sambar Server 4.1, this utility
displays sensitive information. This information could include the server software version being used, directory settings
and path information. This information may help a hacker in subsequent attacks.
Signature ID: 65
Empower path cgi vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0224 Bugtraq: 2374 Nessus: 10609
Signature Description: Brightstation Muscat is a search engine application. It is possible to get the physical location of
a virtual web directory of a host in Brightstation Muscat 1.0 by issuing an invalid request in the DB parameter(for
example: GET /cgi-bin/empower?DB=whatever HTTP/1.0). Remote attackers can thus gain access to sensitive
information, which may assist in further attacks against the host.
Signature ID: 67
Eshop cgi arbitrary commane execution vulnerability
Threat Level: Warning
Industry ID: CVE-2001-1014 Bugtraq: 3340
Signature Description: Webdiscount E-Shop Online Shop System is a web commerce application. It is written and
maintained by Michael Boehme. A problem exists in a default implementation of the Michael Boehme WebDiscount
E-Shop Online-Shop System 1.0 that may allow a user to potentially pass malicious input to the script. This is due
insufficient sanitization from untrusted sources. For example, an attacker can use shell metacharacters (';', '|', etc.),
which will allow arbitrary commands to be executed by the host with the privileges of the webserver process.
Successful exploitation of this issue may cause sensitive information to be disclosed to the attacker.
Signature ID: 69
Excite for Web Servers 1.1 Command Execution Vulnerability
Threat Level: Severe
Industry ID: CVE-1999-0279 Bugtraq: 2248 Nessus: 10064
Signature Description: Excite for Web Servers is a search engine suite for web servers running under Windows NT and
UNIX. Excite Excite for Web Servers 1.1 has a well known security flaw that lets anyone execute arbitrary commands