TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

121

122

123

124

125

126

127

128

129

130

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

128

Signature ID: 1050

Talentsoft Web+ Example Script File Disclosure Vulnerability

Threat Level: Information

Bugtraq: 1725

Signature Description: Web+ is a development language for use in creating web-based client/server applications.In

Linux versions of the product, an example script installed in Web+ (Web+Ping) which fails to correctly filter shell meta

characters. As a result, parameters passed to this script may contain malicious shell commands, allowing an attacker to

remotely execute or read any file which is accessible by the Web+ user.Windows NT versions of Web+ are apparently

not vulnerable.TalentSoft Web+ Application Server (Linux) 4.6 is prone to this vulnerability.

Signature ID: 1051

Bytes Interactive Web Shopper Directory Traversal Vulnerability

Threat Level: Warning

Industry ID: CVE-2000-0922 Bugtraq: 1776

Signature Description: The Web Shopper is a shopping cart/cart management product by Bytes Interactive, it can be

used to develop both a catalogue as well as custom HTML pages, and allows the designer to determine the layout,

language, currency, and the overall look of a shopping cart. Bytes Interactive Web Shopper 2.0 and Bytes Interactive

Web Shopper 1.0 are vulnerable versions. By default, the newpage variable not validating properly for "dot dot" (/../)

sequences. So a remote attacker can submit a specially-crafted URL containing "dot dot" (/../) sequences to view

arbitrary files on the Web server, such as /etc/passwd. Successful exploitation could lead to a remote intruder gaining

read access to any known file.

Signature ID: 1052

Web Shopper shopper.cgi directory traversal vulnerability

Threat Level: Warning

Industry ID: CVE-2000-0922 Bugtraq: 1776

Signature Description: The Web Shopper is a shopping cart and cart management product by Bytes Interactive. It can

be used to develop both a catalogue as well as custom HTML pages, and allows the designer to determine the layout,

language, currency, and the overall look of a shopping cart. Bytes Interactive Web Shopper shopping cart program

(shoper.cgi) 2.0 and earlier versions are vulnerable, this version may allows a remote attacker to traverse directories on

the server. By default, the newpage variable not properly checking for "dot dot" (/../) sequences. The remote

user(attacker) can submit a specially-crafted URL containing "dot dot" sequences with newpage parameter to

shoper.cgi script, then he can view arbitrary files on the Web server, such as /etc/passwd. No remedy available as of

August 2008.

Signature ID: 1053

Drummon Miles A1Stats Directory Traversal Vulnerability

Threat Level: Warning

Industry ID: CVE-2001-0561 CVE-2001-0562 Bugtraq: 2705 Nessus: 10669

Signature Description: A1Stats is a CGI product by Drummon Miles used to report on a website's visitor

traffic.<br>Drummond Miles A1Stats 1.6 and prior versions are vulnerable, these versions are not validating properly

the user supplied input submitted as uerystrings to the Aa1disp3.cgi script. An attacker will send crafted with a long

path including '/../' sequences, and submit it as a file request to the product's built-in webserver. These type requests

will not be filtered from the path, permitting the attacker to specify files outside the directory tree normally available to

users. Patches are available at vendor website.