TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
152
Signature ID: 1170
WEB-CGI webdist.cgi access vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0039 Bugtraq: 374 Nessus: 10299
Signature Description: IRIX is a computer operating system developed by SGI to run natively on their 32-bit and 64-
bit MIPS architecture workstations and servers. The InfoSearch package converts man pages and other documentation
into HTML web content, the search form uses infosrch.cgi. SGI IRIX 6.3, SGI IRIX 6.2, SGI IRIX 6.1, SGI IRIX 5.3,
SGI IRIX 5.2, SGI IRIX 5.1, SGI IRIX 5.0 are vulnerable versions, The 'webdist.cgi' CGI program allows remote
attackers to execute arbitrary commands with the privileges of the web server process via shell metacharacters in the
'distloc' parameter.
Signature ID: 1171
WEB-CGI webplus directory traversal vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0282 Bugtraq: 1102
Signature Description: Webplus is a powerful and comprehensive development language for use in creating web-based
client/server applications.<br>The webpsvr daemon is the driving process for the TalentSoft, Inc. web based e-
commerce software. The Web+ server runs under a standard web server, such as Apache. Users run a CGI script called
webplus (webplus.exe on Windows), which communicates with webpsvr to serve up the web pages for the electronic
store that is implemented by Web+. TalentSoft Web+ 4.x is vulnerable versions, a malicious user(remote attacker)
could send a specially-crafted request URL that contains ../(dot dot) sequesnce passed via a 'script' variable passed to
the webplus CGI. This CGI can be passed a path to any file via the script variable, resulting in arbitrary files being
displayed to the browser.
Signature ID: 1172
Website Professional Directory Revealing Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0066 Bugtraq: 932
Signature Description: OReilly Software WebSite Professional 2.4.9 and OReilly Software WebSite Professional
2.3.18 are vulnerable. A malicious user(remote attacker) could send a malformed URL request, by sending this request
there is possible to get the complete absolute directory for web documents on a target server. The default error code
404 output displays the absolute path of the web document directory on the server running Website Pro.
Signature ID: 1173
Webcom Datakommunikation CGI Guestbook rguest/wguest Vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0287 CVE-1999-0467 Bugtraq: 2024
Signature Description: The WebCOM Network is a collections of states (Departments), Districts, and Posts internet
communications and information sites that are under one umbrella orginization for format. Like going into a nation-
wide grocery store, you know where items will be from store to store. WebCom datakommunikation Guestbook 0.1 is
vulnerable version. A malicious user(remote attacker) could send a specially crafted request to rquest.exe or
wquest.exe, by specifying the path and filename as the parameter "template". After received the request these programs
not validate properly, so this request can retrieve the contents of arbitrary files to which the web server has access.
Signature ID: 1174
CgiCentral WebStore Arbitrary Command Execution Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-1343 Bugtraq: 2861