TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
181
Signature ID: 1310
Mozilla Firefox iframe.contentWindow.focus Deleted Object Reference Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-1993
Bugtraq: 17671
Signature Description: Mozilla Firefox is a free, open source, cross-platform graphical web browser. Firefox provides a
facility to load the web pages in sidebar web panel. Mozilla Firefox version 1.5.0.2 is prone to a vulnerability when
rendering malformed JavaScript content. An attacker could exploit this issue to cause the browser to fail or potentially
execute arbitrary code. The vulnerability is caused by a memory corruption vulnerability that can occur when
"designMode" is set to "on". A successful attack can result in execution of arbitrary code or cause a victim's browser to
crash by creating a malicious Web page that uses the contentWindows.focus() JavaScript control to reference a deleted
object.
Signature ID: 1311
Basilix Webmail Incorrect File Permissions Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-1044 Bugtraq: 2198 Nessus: 10601
Signature Description: Webmail is to check e-mail from any computer with Internet access without downloading
messages to the local computer. We can also send attachments, create an address book and signature file, filter mail
using rules, and use folders to sort and manage messages. Murat Arslan, BasiliX Webmail 0.9.7beta version is
vulnerable to directory traversal.<br>Basilix is a PHP and IMAP based Webmail application that uses the MySQL
database server. If the Web server is not configured to recognize files with ".class" or ".inc" extensions as PHP scripts,
a remote attacker can send an HTTP request to view these files, which may contain sensitive data, such as the MySQL
password and username information.
Signature ID: 1312
BulletScript MailList bsml.pl Information Disclosure Vulnerability
Threat Level: Warning
Bugtraq: 9311 Nessus: 11973
Signature Description: BulletScript MailList is a cgi script used to handle mailing lists. A directory traversal
vulnerability exists in the BulletScript MailList software all versions, that may allow remote attackers to gain access to
sensitive information. A remote attacker could send a specially-crafted request to bsml.pl script with invalid values to
"action" parametr, then the attacker can gather information via these attacks may aid an attacker in mounting further
attacks against a vulnerable system and the affected users.
Signature ID: 1313
CPanel resetpass remote command execution Vulnerability
Threat Level: Warning
Industry ID: CVE-2004-1769 Bugtraq: 9848
Signature Description: CPanel (control Panel) is a graphical web-based web-hosting control panel, designed to
simplify administration of websites. cPanel handles aspects of website administration in its interface. cPanel cPanel 9.1,
cPanel cPanel 9.0, cPanel cPanel 8.0, cPanel cPanel 7.0, cPanel cPanel 6.4.2 .STABLE_48, cPanel cPanel6.4.2, cPanel
cPanel 6.4.1, cPanel cPanel 6.4, cPanel cPanel 6.2, cPanel cPanel 6.0, cPanel cPanel 5.3, cPanel cPanel 5.0 are
vulnerable versions. An attacker could send a malicious URI request to the affected script, the attacker may then supply
shell metacharacters and arbitrary commands as a value for the affected variable. After received this type of the request
from the user not validating properly the user supplied data to the script that handles resetting user passwords, then
remote command execution is possible.