TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
162
Signature ID: 1225
Mountain-net WebCart Exposed Orders Vulnerability (2)
Threat Level: Warning
Industry ID: CVE-1999-0610 Bugtraq: 2281 Nessus: 10298
Signature Description: WebCart is a web commerce product provided by Mountain Network Systems, Inc. Certain
poorly configured default installations leave customer order information in remotely accessible text files, including
credit card details and other sensitive information. These files include orders/checks.txt, config/check.txt,
config/mountain.cfg, and possibly others. Exact version information has not been determined; this default configuration
issue may have been resolved in more recent versions. Regardless, it should be noted that this is not a vulnerability in
the strictest sense but rather a poor configuration issue. Mountain Network Systems Inc. WebCart 1.0 is prone to this
vulnerability.
Signature ID: 1226
Mountain-net WebCart Exposed Orders Vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0610 Bugtraq: 2281 Nessus: 10298
Signature Description: WebCart is a web commerce product provided by Mountain Network Systems, Inc. Certain
poorly configured default installations leave customer order information in remotely accessible text files, including
credit card details and other sensitive information. These files include orders/checks.txt, config/import.txt,
config/mountain.cfg, and possibly others. Exact version information has not been determined; this default configuration
issue may have been resolved in more recent versions. Regardless, it should be noted that this is not a vulnerability in
the strictest sense but rather a poor configuration issue.Mountain Network Systems Inc. WebCart 1.0 is prone to this
vulnerability.
Signature ID: 1227
OpenView Manager Denial of Service Vulnerability .
Threat Level: Warning
Industry ID: CVE-2001-0552 Bugtraq: 2845
Signature Description: Ovactiond is part of the system management software packages OpenView and Netview,
distributed by HP and IBM. It is designed for use on enterprise systems, and offers remote administrative facilities.A
problem with the software makes it possible for a remote user to execute commands on a managed system with the
privileges of the ovactiond process (often 'bin' on Unix systems). The default configuration of the daemon as installed
with HP OpenView enables the execution of commands upon receiving a trap with the command encapsulated in
quotes and escapes. Tivoli Netview is not vulnerable to this by default, but may be if customized. IBM Tivoli NetView
6.0, IBM Tivoli NetView 5.1, IBM Tivoli NetView 5.0, HP OpenView Network Node Manager 6.10, HP OpenView
Network Node Manager 5.0 1 are vulnerable versions.
Signature ID: 1228
ICQ Webfront HTTP Denial of Service Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-1078 Bugtraq: 1463
Signature Description: The guestbook.cgi script allows you to define "guestbook" pages within your Web site to which
visitors can add their own comments. Your Web site may include as many guestbook pages as you wish. Each
guestbook page is configured by creating both an HTML page that visitors will see, and a configuration file that
controls how the new-comment form will look, whether the visitor will be sent a thank-you note, whether you'll be
notified of visitors, etc. ICQ, ICQ Web Front Windows 9x is vulnerable to denial of service attck, because it is not
validating properly the user supplied data through requests. A remote attacker can send a question mark (?) appended to
a URL to cause the targeted user's Web Front to crash and possibly crash the entire system.