TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
Signature ID: 1273
Apache Tomcat Servlet Path Disclosure Vulnerability
Threat Level: Warning
Industry ID: CVE-2002-2006 Bugtraq: 4575 Nessus: 11046
Signature Description: Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed under the Java Community Process. Apache
Software Foundation Tomcat 4.1 and prior versions are vulnerable: in these versions the TroubleShooter servlet
does not properly validate the credentials of a client host connecting to the services offered on a host server. This can
lead to unauthorized access and possibly escalated privileges to that of the administrator. Patches are available at the Sun
website.
Signature ID: 1274
Apache Tomcat Servlet Malformed URL JSP Source Disclosure Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0590 Bugtraq: 2527 Nessus: 10949,10715
Signature Description: Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages technologies.
Apache Tomcat powers numerous large-scale, mission-critical web applications across a diverse range of industries and
organizations. Apache Software Foundation Tomcat 4.0, Apache Software Foundation Tomcat 3.2.1 and BEA Systems
WebLogic Server 5.1 are vulnerable versions: these versions do not properly validate the user request, so there is a
chance to view source code. A remote attacker can send a GET request that does not end with an HTTP protocol
specification (HTTP/1.0 or HTTP/1.1) to receive the source code of the requested JSP file, and possibly obtain database
passwords and file names. Apply patch HPTL_00010.
Signature ID: 1275
Eagletron TrackerCam 'fn' Parameter 'ComGetLogFile.php3' Script Directory Traversal Vulnerability
Threat Level: Severe
Industry ID: CVE-2005-0479 Bugtraq: 12592
Signature Description: TrackerCam is the official software for TrackerPod, a robotic tripod used to provide movement
to a webcam, but the software can be used with any webcam. TrackerCam version 5.12 and earlier are vulnerable to a
directory traversal vulnerability. The vulnerability is due to improper validation of the argument supplied to the 'fn'
parameter of the 'ComGetLogFile.php3' script. By default TrackerCam runs on TCP port 8090 and acts as a web server. A
remote attacker can send a specially crafted request containing '..' sequences in the 'ComGetLogFile.php3' argument
and view arbitrary files outside the web root directory. Restrict access to port 8090 to trusted clients only.
Signature ID: 1276
Eagletron TrackerCam 'fn' Parameter 'ComGetLogFile.php3' Script Log Information Disclosure Vulnerability
Threat Level: Warning
Industry ID: CVE-2005-0481 Bugtraq: 12592
Signature Description: TrackerCam is the official software for TrackerPod, a robotic tripod used to provide movement
to a webcam, but the software can be used with any webcam. TrackerCam version 5.12 and earlier are vulnerable to an
information disclosure vulnerability via the 'ComGetLogFile.php3' script. By default TrackerCam runs on TCP port 8090
and acts as a web server. A remote attacker can send an HTTP request for the 'ComGetLogFile.php3' script with a known
log filename as the argument of the 'fn' parameter and view the log contents, which may disclose sensitive information.
Restrict access to port 8090 to trusted clients only.