TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

Signature ID: 1150
WEB-CGI shopping cart directory traversal vulnerability
Threat Level: Information
Industry ID: CVE-2000-0921 Bugtraq: 1777
Signature Description: A directory traversal vulnerability in the Hassan Consulting shop.cgi shopping cart program
allows remote attackers to read arbitrary files by placing ../ (dot dot slash) sequences in the page parameter.
Hassan Consulting Shopping Cart 1.18 is prone to this vulnerability. Because of this vulnerability, an attacker can read
all the pages of the affected web site.
Signature ID: 1152
WEB-CGI simplestmail.cgi access vulnerability
Threat Level: Information
Industry ID: CVE-2001-0022 CVE-2002-0749 Bugtraq: 2106,4579 Nessus: 11748
Signature Description: A vulnerability exists in Leif M. Wright's simplestmail.cgi, a script designed to coordinate
guestbook submissions from website visitors. An insecure call to the open() function leads to a failure to properly filter
shell metacharacters from user-supplied input. As a result, it is possible for an attacker to cause this script to execute
arbitrary shell commands with the privileges of the web server. Leif M. Wright simplestguest.cgi 2.0 is prone to this
vulnerability. The guestbook parameter of simplestguest.cgi 2.0 is vulnerable when it contains commands.
Signature ID: 1153
Snorkerz.cmd access
Threat Level: Information
Signature Description: This event is generated when an attempt is made to gain unauthorized access to a CGI
application running on a web server. Some applications do not perform stringent checks when validating the credentials
of a client host connecting to the services offered on a host server. This can lead to unauthorized access and possibly
escalated privileges to that of the administrator.
Signature ID: 1154
WEB-CGI statusconfig.pl access vulnerability
Threat Level: Information
Industry ID: CVE-2001-0113 CVE-2001-0114 Bugtraq: 2211
Signature Description: An input validation error exists in the statusconfig.pl script included in OmniHTTPD version
2.0.7. The script uses the mostbrowsers parameter to build the stats.pl script, which is then executed on the web server.
A remote attacker can inject system commands into the parameter to have them executed and gain privileges. Omnicron
OmniHTTPD 2.0.7 is prone to this vulnerability.
Signature ID: 1155
Thinking Arts ES.One Directory Traversal Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0305 CVE-2001-0804 Bugtraq: 2385,3028 Nessus: 10817
Signature Description: The Thinking Arts LTD E-Commerce package comes with a webstore front end called store.cgi,
which allows people to order products on their website over a SQL database. Thinking Arts ES.One 1.0 is
vulnerable. The store.cgi script in this version does not properly validate user-supplied data. A remote attacker can send
a specially crafted URL request containing '../' sequences and '%00' escape characters to the store.cgi script, which
will then disclose directory listings and the files and directories of the target (web server) with read permissions.