TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
documents, etc. We have full control over pricing, shipping, taxation, transaction options, and the look and feel of the store.
BizDesign ImageFolio version 3.01 is vulnerable: it does not properly validate user input passed to the
imageFolio.cgi scripts, which makes script injection (XSS) possible. A malicious user (remote attacker) can send a specially
crafted URL to this script which, when executed by a legitimate user, runs with the security context of the web server. In this
way, the attacker can obtain a legitimate user's session cookie and pose as that user for the duration of the session.
Signature ID: 1120
Ntdll.dll Buffer Overflow Vulnerability
Threat Level: Information
Industry ID: CVE-2003-0109 Bugtraq: 7116 Nessus: 11413,11412
Signature Description: In IIS, WebDAV does not limit the length of the file name being requested. When a
WebDAV-based request is processed (the method used is PROPFIND, LOCK, SEARCH, or even GET with a "translate:f" header), the
request is passed to a series of functions, one of which is GetFileAttributesExW. Under the hood,
GetFileAttributesExW calls the RtlDosPathName_U function exported by ntdll.dll. This is where the actual
vulnerability lies. IIS 5.0 is prone to this vulnerability.
Signature ID: 1121
Last Lines CGI Script Directory Traversal Vulnerability
Threat Level: Information
Industry ID: CVE-2001-1205 Bugtraq: 3754
Signature Description: Last Lines CGI is a freely available script written in Perl and maintained by the Matrix's CGI
Vault. Lastlines.cgi is prone to directory traversal attacks. A remote attacker can submit a maliciously
crafted web request that breaks out of wwwroot and browses arbitrary web-readable files on a host
running the vulnerable script. The affected version of Last Lines is 2.0.
Signature ID: 1122
WEB-CGI loadpage.cgi access vulnerability
Threat Level: Information
Industry ID: CVE-2000-1092 CVE-2000-0188 Bugtraq: 2109,1014 Nessus: 10065
Signature Description: The Loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read
files in the EZshopper data directory by inserting a "/" in front of the target filename in the "file" parameter.
Signature ID: 1123
WEB-CGI mailfile.cgi access vulnerability
Threat Level: Information
Industry ID: CVE-2000-0977 Bugtraq: 1807
Signature Description: Oatmeal Studios' Mail-File is a CGI application that sends certain files to
user-specified email addresses via a web interface. A vulnerability in this script can be used to send the contents
of any readable user-specified file to an email address. The web interface gives the user the option to
select files to send that have been pre-configured in the script. The values of the form variables associated with each
"pre-configured file" are the actual filenames used when opening the files. As a result, the user can manipulate
the filename value so that the script, instead of opening one of the "normal" options, opens whatever has been
specified as the filename (e.g. "../../../../../../../../../etc/passwd"). If exploited, an attacker can read arbitrary files on the
filesystem with the privileges of the web server. This may lead to further compromise. Oatmeal Studios Mail File 1.10
is prone to this vulnerability.