TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
applications which allow code injection by malicious web users into the web pages viewed by other users. Horde IMP
is a powerful web-based mail interface/client developed by members of the Horde project. It is written in PHP and
provides webmail access to IMAP and POP3 accounts. All releases of Horde IMP Webmail prior to version 2.2.7 are
vulnerable to a cross-site scripting attack which can be used by an attacker to hijack a victim's IMP session.
Signature ID: 113
Info2www CGI Input Handling Vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0266 Bugtraq: 1995 Nessus: 10127
Signature Description: The info2www script allows an HTTP server to serve information stored in GNU Info nodes.
GNU Info nodes are hypertext documents developed in Emacs editors which together form multipage
documentation for users of a command-line interface. They can be viewed locally using the 'info' utility. The info2www
script, version 1.1 or prior, fails to properly parse input and can be used to execute commands on the server with
the permissions of the web server by passing commands as part of a variable. The potential consequences of successful
exploitation include anything the web server process has permission to do, including possibly web site defacement.
Signature ID: 114
SGI InfoSearch fname Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0207 Bugtraq: 1031 Nessus: 10128
Signature Description: The InfoSearch package converts man pages and other documentation into HTML web content.
IRIX is a computer operating system developed by Silicon Graphics, Inc. to run natively on their 32- and 64-bit MIPS
architecture workstations and servers. A vulnerability exists in the 'InfoSearch' package as included by Silicon Graphics
in their IRIX operating system. In SGI IRIX 6.5.7 or prior, the search form uses 'infosrch.cgi' which does not properly
parse user input in the 'fname' variable, allowing commands to be executed at the webserver privilege level by remote
web users as demonstrated in 'http://target/cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/id'.
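The following is an added example, not the TMS zl module's signature logic: a check for the infosrch.cgi request pattern described above, run over web server access logs. It assumes Common Log Format; the function names, the metacharacter set and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a Common Log Format entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Characters a shell would interpret if fname reaches a command line (assumed set)
SHELL_META = set("|;&`$<>\n")

def suspicious_fname(target):
    """Return the decoded fname value if the request targets infosrch.cgi
    and fname carries shell metacharacters; otherwise None."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/infosrch.cgi"):
        return None
    # parse_qs percent-decodes, so an encoded %7C is seen as '|'
    for value in parse_qs(parts.query, keep_blank_values=True).get("fname", []):
        if SHELL_META & set(value):
            return value
    return None

def scan(lines):
    """Return (line_number, fname) for every flagged log line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if match:
            value = suspicious_fname(match.group(1))
            if value is not None:
                hits.append((number, value))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic)
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Mar/2000:10:00:01 +0000] "GET /cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=ls HTTP/1.0" 200 5120',
    '192.0.2.77 - - [01/Mar/2000:10:02:13 +0000] "GET /cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/id HTTP/1.0" 200 312',
    '192.0.2.77 - - [01/Mar/2000:10:02:20 +0000] "GET /cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=%7C/bin/id HTTP/1.0" 200 312',
    '192.0.2.10 - - [01/Mar/2000:10:05:44 +0000] "GET /index.html?fname=|x HTTP/1.0" 200 1024',
]

if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: fname={value!r}")
```

Decoding the query string before matching catches the percent-encoded form of the pipe character, which a plain substring search on the raw log line would miss.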
Signature ID: 115
InterScan VirusWall Remote Configuration Vulnerability
Threat Level: Severe
Industry ID: CVE-2001-0432 Bugtraq: 2579 Nessus: 10733
Signature Description: InterScan VirusWall is a virus-scanning software package distributed and maintained by Trend
Micro. It is designed to scan for virus occurrences in both incoming and outgoing traffic via SMTP, FTP, and HTTP at
the gateway of the network. Buffer overflows in various CGI programs in the remote administration service for Trend
Micro InterScan VirusWall 3.0.1 allow remote attackers to execute arbitrary commands. Additionally, the HTTP daemon
used to execute these programs runs as root, allowing a user to execute them directly.
Signature ID: 116
JJ sample CGI program Escape Character Vulnerability
Threat Level: Severe
Industry ID: CVE-1999-0260 Bugtraq: 2002 Nessus: 10131
Signature Description: NCSA HTTPd was a web server originally developed at the NCSA by Robert McCool and
others. JJ is a sample CGI program distributed with NCSA HTTPd servers. Rob McCool's jj.c 1.0 on NCSA httpd 1.5.2a
or earlier passes unfiltered user data directly to the /bin/mail program, and as such can be used to escape to a shell using
the ~ character. The attacker must know the password the program requests, but by default the program uses
HTTPdRocKs or SDGROCKS. These default passwords must be changed in the program's source code. A successful
attacker can run arbitrary code with the privileges of the httpd server.