TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
129
Signature ID: 1054
Drummon Miles A1Stats Directory Traversal Vulnerability
Threat Level: Severe
Industry ID: CVE-2001-0561
CVE-2001-0562 Bugtraq: 2705 Nessus: 10669
Signature Description: A1Stats is a CGI product by Drummon Miles used to report on a website's visitor
traffic.<br>Drummond Miles A1Stats 1.6 and prior versions are vulnerable, these versions are not validating properly
the user supplied input submitted as uerystrings to the Aa1disp2.cgi and Aa1disp4.cgi scripts. An attacker will send
crafted with a long path including '/../' sequences, and submit it as a file request to the product's built-in webserver.
These type requests will not be filtered from the path, permitting the attacker to specify files <br>outside the directory
tree normally available to users. Patches are available at vendor website.
Signature ID: 1055
A1Stats Directory Traversal Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0561 CVE-2001-0562 Bugtraq: 2705 Nessus: 10669
Signature Description: A1Stats is a CGI product by Drummon Miles used to report on a website's visitor
traffic.Versions 1.0 of this product fail to properly validate user-supplied input submitted as uerystrings to the A1Stats
script.An attacker can compose a long path including '/../' sequences, and submit it as a file request to the product's
built-in webserver. 'dot dot' sequences will not be filtered from the path, permitting the attacker to specify files outside
the directory tree normally available to users.
Signature ID: 1056
AdCycle Remote SQL Query Modification Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-1226 Bugtraq: 3741
Signature Description: AdCycle is a set of shareware ad management scripts written in Perl and back-ended by
MySQL. Adcycle.com Adcycle 1.12 to Adcycle.com Adcycle 1.17 are vulnerable to this <br>attacks. These verions
may allow a remote attacker to modify the logic of an existing SQL query and manipulate the MySQL database and
other databases to which the AdCycle CGI process has access. These vulnerable versions are not validating properly
multiple unspecified CGI variables before passing them to MySQL queries. No remedy available as of August 2008.
Signature ID: 1057
Slashcode User Account Compromise Vulnerability
Threat Level: Warning
Industry ID: CVE-CVE-2002-1748 Bugtraq: 3839
Signature Description: Slashcode is a bulletin board, discussion and portal framework. It is widely used, and is behind
the popular Slashdot page. Slashcode 2.1 to 2.2.2 versions are vulnerable, these verions are allowing a remote attacker
with a valid account to gain unauthorized access to other arbitrary accounts. As valid user may gain access to another
user account ar administrative accounts, and get full control of the site is possible through this exploitation. Update
latest verions Slashcode 2.2.3 found at slashcode website.
Signature ID: 1058
Leif M. Wright ad.cgi Unchecked Input Vulnerability
Threat Level: Severe
Industry ID: CVE-2001-0025 Bugtraq: 2103
Signature Description: The Common Gateway Interface (CGI) is a standard protocol for interfacing external
application software with an information server, commonly a web server. Here ad.cgi CGI program by Leif Wright,
Leif M. Wright's ad.cgi 1.0 version is vulnerable, it could allow a remote attacker to execute arbitrary commands on the
Web server, because of this is not validating properly the user inputs, then a remote attacker may allows access to