TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
192
Signature ID: 1364
HP Web Jetadmin Remote Arbitrary Command Execution Vulnerability
Threat Level: Warning
Bugtraq: 9973 Nessus: 12120
Signature Description: HP Web Jetadmin is a simple, print and imaging peripheral management software tool that
helps optimize device utilization, control color costs, secure devices, and streamline supplies management by enabling
remote configuration, proactive monitoring, security, troubleshooting, and reporting of printing and imaging devices.
HP Web Jetadmin 7.5.2456 version is vulnerable to a remote arbitrary command execution. This issue is due to a
failure of the application to properly validate and sanitize user supplied input.<br>A malicious user(remote attacker)
could send a malicious request to setinfo.hts, after received this is not validating the uesr input to this script. Successful
exploitation of this issue will allow a malicious user to execute arbitrary commands on the affected system.
Signature ID: 1365
Quikstore plain text administrator password access Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-1188 CVE-1999-0607 Bugtraq: 1983,2049 Nessus: 10712
Signature Description: QuikStore is a commercial store front program providing order management,inventory,and
other e-commerce related functions to web sites.Certain versions of QuikStore stored the administrator name and
password in plain text in this configuration file, named "quikstore.cfg" in these versions. An unsecured default
installation leaves this file world-readable, giving remote intruders access to it through the web server.With access to
this file and the user/password combination contained in it,the intruder has full administrative access to the online
store.Quikstore Quikstore 1.0 is prone to this vulnerability
Signature ID: 1366
3COM OfficeConnect HTTP Port Router Denial of Service Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0740 Bugtraq: 2721
Signature Description: The OfficeConnect ADSL Wireless G Firewall Router is one of the latest all-in-one devices
from 3Com. 3Com OfficeConnect DSL Router 840 1.1.7 and 3Com OfficeConnect DSL Router 812 1.1.7 are
vulnerable versions, these versions are vulnerable to a denial of service attack. A malicious user(remote attacker) can
connect to the HTTP port, it is possible to reboot the router by connecting to the HTTP daemon, and requesting a
malformed URL containing a long character string, The router will power-cycle itself. This problem makes it possible
for a remote user to deny service to legitimate users of networks serviced by the router.
Signature ID: 1367
Netware 6.0 Tomcat source code viewer Vulnerability
Threat Level: Warning
Nessus: 12119
Signature Description: Apache HTTP Server is a very popular freely available web server that runs on a variety of
operating systems, including UNIX, Linux, and Microsoft Windows (Win32). This event is generated when an attempt
is made to access source.jsp on a Tomcat web server. an attacker can use directory traversal techniques when accessing
source.jsp to view hidden files and directories on the web server with the access privileges of the server.
Signature ID: 1368
Trend Micro InterScan eManager buffer overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0958 Bugtraq: 3327 Nessus: 11747
Signature Description: Trend Micro InterScan eManager is a plug-in for InterScan which manages spam, message