TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
135
Signature ID: 1085
Bonsai CGI request reveals path information vulnerability
Threat Level: Warning
Industry ID: CVE-2003-0153
CVE-2002-0749 Bugtraq: 4579,5517 Nessus: 11748
Signature Description: Bonsai is tree control is a tool, that perform queries on the contents of a CVS archive; we can
get a list of checkins, what checkins have been made by a given person, or on a given CVS branch, or in a particular
time period. It also includes tools for looking at checkin logs (and comments) to making differences between various
versions of a file. and finding out which person is responsible for changing a particular line of code. <br>Mozilla
Bonsai 1.3 verion is vulnerable, these versions allowing a remote attacker to obtain sensitive information. An attacker
can discover the location of the Mozilla Bonsai application by sending a malformed request to the application, which
produces an error. The error message shows the full path of the cvslog.cgi file, providing the attacker with
<br>information about the server directory structure. Patches are available at debian website.
Signature ID: 1086
Mozilla Bonsai Path Disclosure Vulnerability
Threat Level: Warning
Industry ID: CVE-2003-0153 CVE-2002-0749 Bugtraq: 5517,4579 Nessus: 11748
Signature Description: Bonsai is tree control is a tool, that perform queries on the contents of a CVS archive; we can
get a list of checkins, what checkins have been made by a given person, or on a given CVS branch, or in a particular
time period. It also includes tools for looking at checkin logs (and comments) to making differences between various
versions of a file. and finding out which person is responsible for changing a particular line of code. <br>Mozilla
Bonsai 1.3 verion is vulnerable, these versions allowing a remote attacker to obtain sensitive information. An attacker
can discover the location of the Mozilla Bonsai application by sending a malformed request to the application, which
produces an error. The error message shows the full path of the cvsview2.cgi file, providing the attacker with
<br>information about the server directory structure. Patches are available at debian website.
Signature ID: 1087
SGI IRIX 6.2 day5datacopier.cgi Untrusted search path vulnerability
Threat Level: Warning
Industry ID: CVE-1999-1232
Signature Description: The IRIX is Operating system, this operating system is the leading technical high-performance
64-bit operating system based on industry-standard UNIX. SGI has been designing scalable platforms based on the
IRIX operating system to connect technical and creative professionals to a world of innovation and discovery.
day5datacopier in SGI IRIX 6.2 is vulnerable, The IRIX day5datacopier CGI script is allowing a local attacker to
execute arbitrary commands on the system with root privileges via a modified PATH environment variable that points
to a malicious cp program. This can lead<br>to unauthorized access and possibly escalated privileges to that of
the<br>administrator. Data stored on the machine can be compromised and trust<br>relationships between the victim
server and other hosts can be exploited by the attacker.No remedy available as of August 2008.
Signature ID: 1088
SGI IRIX 6.2 day5datanotifier.cgi Untrusted search path vulnerability
Threat Level: Warning
Industry ID: CVE-1999-1232
Signature Description: The IRIX is Operating system, this operating system is the leading technical high-performance
64-bit operating system based on industry-standard UNIX. SGI has been designing scalable platforms based on the
IRIX operating system to connect technical and creative professionals to a world of innovation and discovery.
day5datacopier in SGI IRIX 6.2 is vulnerable, The IRIX day5datacopier CGI script is allowing a local attacker to
execute arbitrary commands on the system with root privileges via a modified PATH environment variable that points
to a malicious cp program. No remedy available as of August 2008.