Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
11121314151617181920
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
17
Signature ID: 101
Microsoft IIS/PWS UNICODE Characters Decoding Command Execution Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0333
Bugtraq: 2708 Nessus: 10671
Signature Description: MS IIS 4.0 and 5.0 has a vulnerability in filename processing of CGI program, When IIS
receives a CGI filename request, it automatically performs two actions before completing the request. First IIS decodes
the filename to determine the filetype and the legitimacy of the file. IIS then carries out a security check. Once the
security check is completed, IIS continues with the second action which involves the decoding of CGI parameters. A
flaw in IIS involves a third undocumented action, typically IIS decodes only the CGI parameter at this point, yet the
previously decoded CGI filename is mistakenly decoded twice. If a malformed filename is submitted and circumvents
the initial security check, the undocumented procedure will decode the malformed request, possibly allowing the
execution of arbitrary commands.
Signature ID: 102
IIS dot cnf cgi vulnerability
Threat Level: Warning
Industry ID: CVE-2002-1718 CVE-2002-0241 CVE-2002-1717 Bugtraq: 4084,4048,4078 Nessus: 10575
Signature Description: Microsoft IIS is a popular web server package for Windows based platforms.A misconfigured
IIS web server may allow remote users to read sensitive information from .cnf files. These are configuration files, used
by Telnet, Windows, and other applications with varying internal formats. Example, http://target/_vti_pvt/svcacl.cnf.
Microsoft IIS 5.1 was reported with this issue.
Signature ID: 104
IIS perl.exe problem
Threat Level: Warning
Industry ID: CVE-1999-0450 Bugtraq: 194 Nessus: 10120
Signature Description: Microsoft IIS is a popular web server package for Windows based platforms. It is possible to
obtain the physical location of a virtual web directory of this host by issuing the command : GET /scripts/no-such-
file.pl HTTP/1.0 in Microsoft IIS 5.0. An attacker may use this flaw to gain more information about the remote host,
and hence make more focused attacks.
Signature ID: 105
/scripts/repost.asp access vulnerability
Threat Level: Severe
Industry ID: CVE-1999-0360 Bugtraq: 1811 Nessus: 10372
Signature Description: Microsoft Site Server is a Internet-based commerce (or e-commerce) solution from Microsoft.
Microsoft's Site Server 2.0 allows users unrestricted access to the /users directory and it's contents with default settings.
The file /scripts/repost.asp allows users to upload files to the /users directory. Even if the directory does not exist, any
valid user can create the diectory.
Signature ID: 106
IIS vulnerable sample files access
Threat Level: Warning
Nessus: 10370
Signature Description: Microsoft IIS is a popular web server package for Windows based platforms. Any web site
running Internet Information Server 3 or 4 with sample IIS files (IDQ, ASP and HTW) is vulnerable. Using these files
it is possible to break outside of the web virtual root and gain unathorized access to files, such as log files and in certain
cases the backup version of the Security Accounts Manager (sam._). The files are fastq.idq, query.idq, query.asp (all in