TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
188
Signature ID: 1344
EZMall2000 Credit Card Exposure Vulneribility
Threat Level: Warning
Industry ID: CVE-1999-0606 Bugtraq: 2266
Signature Description: EZMall 2000 is an e-commerce application designed to handle the online purchases of products
by customers. However,when the package is improperly configured, search engines may index the data of customers,
including sensitive information such as credit card numbers. Seaside Enterprises EZMall 2000.0 is vulnerable version.
This makes it possible for a user with malicious motives to use search engines as a means of finding vulnerable sites,
and then visiting the sites to gain sensitive information such as credit card numbers, addresses, and other personal
information.
Signature ID: 1345
Mkplog.exe access
Threat Level: Information
Signature Description: This event is generated when an attempt is made to exploit a known vulnerability on a web
server or a web application resident on a web server
Signature ID: 1346
Oracle 9I Application Server PL/SQL Apache Module Directory Traversal Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-1217 CVE-2000-1235 Bugtraq: 3727,2150 Nessus: 10849,10854
Signature Description: Oracle 9i Application Server comes with an Apache-based web server and support for
environments such as SOAP, PL/SQL, XSQL and JSP.The PL/SQL Apache module for Oracle 9iAS provides
functionality for remote administration of the Database Access Descriptors and access to help pages. Oracle,
Application Server 9i is vulnerable to directory traversal. A remote attacker can send a specially-crafted web request
contained double encoded variations of dot-dot-slash (../) sequences to effectively break out of the 'admin' directory. If
the attacker can browse the file system of the host, they can display the contents of arbitrary web-readable files. This is
only an issue on Microsoft Windows NT/2000 operating systems.
Signature ID: 1347
Brightstation Muscat Root Path Disclosure Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0224
Bugtraq: 2374 Nessus: 10609
Signature Description: Brightstation Muscat is a search engine application. It is possible to get the physical location of
a virtual web directory of a host in Brightstation. Brightstation Muscat 1.0 is vulnerable to gain access to the database
directory path. A remote attacker can send a specially-crafted URL with an invalid database path request to the
Empower CGI script to cause the script to return an error message that reveals the actual database path. This
information could be useful in future attacks. Successful exploitation of this vulnerability could enable a remote user to
gain access to confidential information, which may assist in further attacks against the host.
Signature ID: 1348
Nessus 1.X 404 probe Vulnerability
Threat Level: Information
Signature Description: Nessus is a great tool designed to automate the testing and discovery of known security
problems. The remote web server is configured in that it does not return '404 Not Found' error codes when a non-
existent file is requested, perhaps returning a site map, search page or authentication page instead.