TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
185
MySQL database on backend for all data handling. PHP-Survey, 20000615 and prior, could allow a remote attacker to
gain sensitive information. This issue is triggered when an attacker submits an HTTP request for the global.inc
file(Global.inc holds the database information, and it contains user names, passwords). This successful exploitation can
allow an attacker to gain sensitive information such as user names, passwords, and the localhost. No remedy available
as of September, 2008.
Signature ID: 1330
Oracle 9IAS OracleJSP Information Disclosure vulnerability
Threat Level: Warning
Industry ID: CVE-2002-0562
CVE-2002-0565 Bugtraq: 4034 Nessus: 10850
Signature Description: The Oracle Application Server is a platform for developing, deploying, and integrating
enterprise applications. This software is produced and marketed by Oracle Corporation. Oracle 9i Application
Server(9iAS) comes with an Apache-based web server and support for environments such as SOAP, PL/SQL, XSQL
and JSP. A file called ‘globals.jsa’ is available on the server without user restrictions if the default
settings are used. Sensitive information including user names and passwords are stored in this file. Information
obtained by attacker can then be used in further attacks.
Signature ID: 1332
IRIX cgi-bin handler access vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0148 Bugtraq: 380 Nessus: 10100
Signature Description: The IRIX is Operating system, this operating system is the leading technical high-performance
64-bit operating system based on industry-standard UNIX. SGI has been designing scalable platforms based on the
IRIX operating system to connect technical and creative professionals to a world of innovation and discovery. SGI
IRIX 6.4, SGI IRIX 6.3, SGI IRIX 6.2 and SGI IRIX 5.3 are vulnerable versions to execute arbitrary code. A
vulnerability exists in the cgi-bin program 'handler', as included by Silicon Graphics in their Irix operating system. So
these vulnerable versions will allow a remote attacker to execute arbitrary commands on the vulnerable host as the user
the web server is running as. This can easily result in a user being able to access the system. This signature generate log
"/cgi-bin/handler/" accessing.
Signature ID: 1333
IRIX cgi-bin handler execute arbitrary commands vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0148
Bugtraq: 380 Nessus: 10100
Signature Description: The IRIX is Operating system, this operating system is the leading technical high-performance
64-bit operating system based on industry-standard UNIX. SGI has been designing scalable platforms based on the
IRIX operating system to connect technical and creative professionals to a world of innovation and discovery. SGI
IRIX 6.4, SGI IRIX 6.3, SGI IRIX 6.2 and SGI IRIX 5.3 are vulnerable versions to execute arbitrary code. A
vulnerability exists in the cgi-bin program 'handler', as included by Silicon Graphics in their Irix operating system. So
these vulnerable versions will allow a remote attacker to execute arbitrary commands on the vulnerable host as the user
the web server is running as. This can easily result in a user being able to access the system.
Signature ID: 1334
Htgrep access attempt vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0832
Signature Description: Htgrep is a cgi-bin script written in perl, and can be used with any http server that supports cgi-
bin scripts. Linux, Kernel and Microsoft, Windows NT 4.0 and Various vendors, Unix are vulnerable to obtain
sensitive information, the vulnerability existed in Htgrep CGI. An attacker can send a request by adding a header and
footer file to the search input to view arbitrary files in the Web server's directory with the privileges of the Web user.