ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94

Signature ID: 1711
WEB-IIS /StoreCSVS/InstantOrder.asmx request Vulnerability
Threat Level: Information
Signature Description: Microsoft IIS (Internet Information Server) is a group of Internet servers including a Hypertext
Transfer Protocol service and a File Transfer Protocol service. It was developed by Microsoft. InstantOrder.asmx
provides automated ordering services. This service exposes a programmatic interface that enables users to transfer new
orders from their web sites or Web-connected programs directly to the Commerce site. This rule triggers when an
attacker attempts to access InstantOrder.asmx. Successful exploitation of this issue allows an attacker to gain
information.
Signature ID: 1712
Microsoft IIS 4.0 samples directory access Vulnerability
Threat Level: Information
Industry ID: CVE-1999-0736 Bugtraq: 167 Nessus: 1007,10007
Signature Description: Microsoft IIS (Internet Information Server) is a group of Internet servers including a Web or
Hypertext Transfer Protocol server and a File Transfer Protocol server. It was developed by Microsoft. This rule gets
hit when an attempt is made to access the /msadc/samples directory under Microsoft IIS. A default installation of
IIS 4.0 contains some vulnerable scripts in the samples directory which may show the source code of IIS files. An
attacker may use this information in constructing further attacks.
Signature ID: 1713
EarlyImpact ProductCart SQL Injection Vulnerability
Threat Level: Information
Industry ID: CVE-2004-2173 CVE-2004-2174 Bugtraq: 8103,9669,9669 Nessus: 11785
Signature Description: EarlyImpact ProductCart is shopping cart software for selling products and services online. This
rule gets hit when an attempt is made to access the EarlyImpact ProductCart search scripts or login script. An SQL
injection vulnerability exists in the search files advSearch_H.asp, advSearch_I.asp, advSearch_L.asp,
advSearch_M.asp, advSearch_P.asp and the customer login page custva.asp. All versions prior to 2.0 are affected.
Signature ID: 1715
Microsoft IIS 1.0 Directory traversal attempt Vulnerability
Threat Level: Information
Industry ID: CVE-1999-0229 Bugtraq: 2218
Signature Description: Microsoft Internet Information Server (IIS) is a web server that ships with the Windows platform.
This rule gets hit when an attempt is made to access a Microsoft Internet Information Server (IIS) 1.0 host with a
malformed request. IIS 1.0 servers are vulnerable to a denial of service attack when a malformed request containing
"..\.." is sent to the server. The service must be restarted to restore functionality.
Signature ID: 1716
Persits ASPUpload 2.1 DirectoryListing.asp access Vulnerability
Threat Level: Information
Industry ID: CVE-2001-0938 Bugtraq: 3608
Signature Description: This rule gets hit when an attempt is made to access DirectoryListing.asp via HTTP. Persits
ASPUpload is an Active Server component that allows users to upload files to ASP programs using a Web browser.
The sample script 'DirectoryListing.asp', which is installed by default, allows a remote user to browse directories and
download any file located on the server. Persits ASPUpload 2.1 is vulnerable.