TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
195
indexed by numerous search engines. <br>By default there are some files or directories which are world readable. This
misconfiguration may allow an attacker to gather the credit card numbers of clients.
Signature ID: 1379
Mountain-net WebCart Exposed Orders Vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0610 Bugtraq: 2281 Nessus: 10298
Signature Description: WebCart is a web commerce product provided by Mountain Network Systems, Inc. Default
installations of Mountain Network Systems Inc. WebCart 1.0 are vulnerable to information disclosure due to
misconfiguration of access policies. The program writes customer order information in remotely accessible text
files.This information includes credit card details and other sensitive information. This signature detects access to
'/webcart-lite' file.
Signature ID: 1380
O'Reilly Software WebSite 'webfind.exe' Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0622 Bugtraq: 1487
Signature Description: O'Reilly Software WebSite Professional is a web server package distributed by O'Reilly &
Associates. OReilly Software WebSite Professional 2.4.9, OReilly Software WebSite Professional 2.4, OReilly
Software WebSite Professional 2.3.18 versions of this web server containing a remotely exploitable buffer overflow.
The utility in question is a search engine utility titled 'webfind.exe'. This program takes unchecked user input from a
provided search page which can result in a remote user launching arbitrary commands on the server itself. The variable
in question which is overwritten(overly long 'keywords' parameter value) is QUERY_STRING derived from user
'keywords' for their search.
Signature ID: 1381
NT Index Server Directory Traversal Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0097 Bugtraq: 950
Signature Description: Index Server, Microsoft Index Service allows the contents of files to be indexed to enable free-
text searching. What that means to the Intranet Developer is that you can have an Intranet with in excess of 2000
documents and allow users to quickly find those most relevant to them. Microsoft Indexing Services for Windows 2000
and Microsoft Index Server 2.0 version are vulnerable, these verions software allows a remote attacker to access
arbitrary files outside of the web path. A malicious user(remote attacker) could send a URI request specifically
traversal style attacks (../../) supplied via the "CiWebHitsFile" variable. The issue is due to the webhits.dll library not
properly validating the user input. By supplying this type of crafted request to an htw script, it is possible to read
arbitrary files on the system.
Signature ID: 1382
Extropia WebStore Directory Traversal Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-1005 Bugtraq: 1725,1774
Signature Description: WebStore is the culmination of eXtropia's experience with online shopping applications. It
merges both the Electronic Outlet HTML and Database versions and adds all new routines for error handling, order
processing, encrypted mailing, frames, Javascript and VBscript and other goodies. Extropia WebStore 1.0 and Extropia
WebStore 2.0 versions are allowing remote attacker to view any file accessible to the web_store.cgi script, The script
does not validate properly the user given inputs to web_store.cgi script. A malicious user(remote attacker) could send a
specially crafted URL request to web_store.cgi script, <br>the attacker can bypass the file extension check by adding a
null character (%00) to the URL, followed by the .html file extension to view non-HTML files. By including "dot dot"