TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
151
and its subdirectories to change other user's passwords or assign elevated security privileges. Attacker can do
operations on user_update_admin.pl.
Signature ID: 1165
Blackboard CourseInfo 4.0 Database Modification Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0627 Bugtraq: 1486
Signature Description: Blackboard is a Web-based integrated teaching and learning environment. Blackboard
CourseInfo will support online classes at major universities such as Cornell University, Georgetown University, Yale
University, Tufts University and University of Pittsburgh, and availability on both Unix and Windows NT platforms.
Blackboard CourseInfo 4.0 is vulnerable version, this version software allows any user who has a valid account to
make modifications to the database. An attacker can enter custom form values through any perl script located in /bin
and its subdirectories to change other user's passwords or assign elevated security privileges.
Signature ID: 1166
Apple QuickTime/Darwin Streaming Server view_broadcast.cgi Denial of Service Vulnerability
Threat Level: Warning
Industry ID: CVE-2003-0422 Bugtraq: 8257
Signature Description: QuickTime is a multimedia framework developed by Apple Inc., capable of handling various
formats of digital video, media clips, sound, text, animation, music, and several types of interactive panoramic images.
Apple QuickTime/Darwin Streaming Server 4.1.3 and earlier on Windows are vulnerable to denial of service condition.
A malicious user(remote attacker) could send a specially crafted request to view_broadcast.cgi script, Whenever an
HTTP request is made to the view_broadcast.cgi script without specifying any parameters, the server will not accept
new connections.
Signature ID: 1167
WEB-CGI w3tvars.pm access Vulnerability
Threat Level: Information
Signature Description: W3tvars.pm file is used to locate Database name, host name, user name, and password fot the
database. This signature detects when an attacker access to the w3tvars.pm file. This successful exploitation can allow
an attacker to gain sensitive information such as user name, password.
Signature ID: 1168
WEB-CGI wais.pl access Vulnerability
Threat Level: Information
Signature Description: WAIS is a program for searching large databases, lists, documents, directories of files, and so
on. It can also be used to provide search access to collections of audio, video, image, and multimedia information. This
rule triggered when an attacker requesting the 'wais.pl' script. This successful exploitation can allow an attacker to gain
sensitive information.
Signature ID: 1169
WEB-CGI web-map.cgi access Vulnerability
Threat Level: Information
Signature Description: Web Map is a PHP script which is a simple and easy to use web based map. It is possible for the
users to view the map as an enlarged image and also allows to add their own points of interest directly on the map and
customize the settings without knowledge in PHP. This signature detects when an attacker access to the web-map.cgi
script.