TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
130
<br>restricted resources. The problem occurs in the method in which the script checks input. A remote attacker can use
the FORM method and send a request with file paramete, to execute arbitrary commands on the system with privileges
of the Web server. No remedy available as of August 2008.
Signature ID: 1059
Alchemy Eye Remote Command Execution Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0871 Bugtraq: 3599
Signature Description: Alchemy Eye is a network monitor tool for Windows based environments, this tool monitors
the server accessibility and performance, network Alchemy Eye is maintained by alchemy labs. Alchemy Lab Alchemy
Eye versions 2.6.19 through 3.0.10. are vulnerable. There is possible the directory traversal then remote attacker could
execute arbitrary command execution. Successful exploitation can lead to attackers gaining access to the host. <br>An
attackers can traverse out of the root directory by placing MS-DOS device name "NUL" before the first "../". No
remedy available as of August 2008.
Signature ID: 1060
Alchemy Eye Remote Command Execution Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0871 Bugtraq: 3599
Signature Description: Alchemy Eye is a network monitor tool for Windows based environments, this tool monitors
the server accessibility and performance, network Alchemy Eye is maintained by alchemy labs. Alchemy Lab Alchemy
Eye versions 2.6.19 through 3.0.10. are vulnerable. There is possible the directory traversal then remote attacker could
execute arbitrary command execution. Successful exploitation can lead to attackers gaining access to the host. <br>An
attackers can traverse out of the root directory by placing MS-DOS device names before the first "../". The vendor
attempted to fix this vulnerability, Alchemy Lab Alchemy Eye 3.0.11 verions is not vulnerable plz update this version,
available at vendor website.
Signature ID: 1061
Alya.cgi access vulnerability
Threat Level: Information
Nessus: 11118
Signature Description: This event is generated when an attempt is made to gain unauthorized access to a CGI
application running ona web server. Some applications do not perform stringent checks when validating the credentials
of a client host connecting to the services offered on a host server. This can lead to unauthorized access and possibly
escalated privileges to that of the administrator. This can lead<br>to unauthorized access and possibly escalated
privileges to that of the<br>administrator. Data stored on the machine can be compromised and trust<br>relationships
between the victim server and other hosts can be exploited by the attacker.
Signature ID: 1062
Anaconda Foundation Directory Traversal Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0975
CVE-2001-0308 Bugtraq: 2338,2388 Nessus: 10536
Signature Description: The Anaconda Foundation Directory allows user to dynamically integrate the amazing content
into user site's own look and feel. Anaconda Foundation Directory 1.9, Anaconda Foundation Directory 1.7, Anaconda
Foundation Directory 1.6, Anaconda Foundation Directory 1.5, Anaconda Foundation Directory 1.4 are vulnerable
versions. A remote attacker could send a dot dot sequence('../' technique) and by appending a null byte followed by
'.html' to the extension of the filename in question to 'apexec.pl' script in conjunction with the variable 'template'. After
received the request it is not validating properly, so the attacker can read any file on the Web server with privileges of
HTTPD.