TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

141

142

143

144

145

146

147

148

149

150

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

144

containing "dot dot" sequences (/../) in the argument to the 'cfg=' parameter to traverse directories and view arbitrary

files on the Web server. After received the request this script does not validate properly the user given inputs, then there

is a chnce to read portions of arbitrary files.

Signature ID: 1130

WEB-CGI newdesk access Vulnerability

Threat Level: Information

Signature Description: NEWDESK.INF file has all the configuration of desktop. This rule will tirgger's when an

attacker can access to the 'newdesk' file. This successful exploitation can allow an attacker to gain sensitive information

such as user name, password.

Signature ID: 1131

WEB-CGI nsManager.cgi access vulnerability

Threat Level: Warning

Industry ID: CVE-2000-1023 CVE-2002-0749 Bugtraq: 1710,4579 Nessus: 11748

Signature Description: The Alabanza End User Control Panel versions 3.0 and earlier could allow a remote attacker to

gain access to the interface to manipulate domain names and Domain Name System information. Access to the Control

Panel which handles administrative controls for domains associated with Alabanza does not require a username and

password if specially crafted URLs are requested.

Signature ID: 1132

WEB-CGI perlshop.cgi access vulnerability

Threat Level: Warning

Industry ID: CVE-1999-1374

Signature Description: Perlshop.cgi shopping cart program stores sensitive customer information in directories and

files that are under the web root, which allows remote attackers to obtain that information via an HTTP request.

Signature ID: 1133

WEB-CGI pfdisplay.cgi access vulnerability

Threat Level: Warning

Industry ID: CVE-1999-0270 Bugtraq: 64 Nessus: 10174

Signature Description: Pfdispaly CGI program for SGI's Performer API Search Tool allows read access to files.SGI

IRIX 6.4,SGI IRIX 6.3,SGI IRIX 6.2 are prone to this vulnerability.The issue is triggered when a malicious attacker

uses the IRIS Performer API Search Tool (pfdisplay) to access files, which will disclose any files

Signature ID: 1134

WEB-CGI post-query access vulnerability

Threat Level: Information

Industry ID: CVE-2001-0291 Bugtraq: 6752

Signature Description: NCSA Post-query is prone to a remotely exploitable buffer overflow condition.This is due to

insufficient bounds checking when handling HTTP POST requests.It is possible for remote attackers to corrupt

sensitive regions of memory with attacker-supplied values, possibly resulting in execution of arbitrary code. NCSA

post-query 1.0 is prone to this vulnerability. By sending 1000 bogus entries to the affected system and 1001th one as

specially crafted packet, attacker gains access on the affected system.