TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

231

232

233

234

235

236

237

238

239

240

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

231

sites. There exists a vulnerability in NewsPro 1.01 that allows a remote attacker to gain unauthorized access to the

application. This vulnerability allows the attacker to set their authentication cookie to "logged,true" to gain

unauthorized administrator access to NewsPro. No remedy available as 2008.

Signature ID: 1724

Microsoft Windows SAM file access vulnerability

Threat Level: Information

Signature Description: This rule gets hit when an attempt is made to access the Windows Security Accounts Manager

(SAM) password file via a web request. The SAM password file contains Windows logins which are NTLM or

LANMAN hashes on Windows NT/2K/XP hosts. If an attacker can get the real SAM file and is able to gain clear text

passwords, the host can be compromised using the Administrator's login.

Signature ID: 1725

Microsoft SQL Server SQLXML contenttype Buffer Overflow Vulnerability

Threat Level: Information

Industry ID: CVE-2002-0186 Bugtraq: 5004

Signature Description: SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send

database queries via XML (Extensible Markup Language) format. IIS enables XML over HTTP using SQLXML HTTP

components, one of which is an ISAPI extension. The SQLXML ISAPI extension does not adequately validate the

length of the content-type parameter. As a result, an attacker could construct a URI with a specially crafted value for

content-type that triggers a buffer overflow on a vulnerable IIS server. An IIS server is only vulnerable if SQLXML is

enabled and configured to run over HTTP. Affected Platforms are Microsoft SQL Server 2000, Microsoft SQL Server

2000 Gold, Microsoft SQLXML 2, <br>Microsoft SQLXML 3, Microsoft Windows 2003 Server, Microsoft Windows

XP Professional.

Signature ID: 1726

SmarterTools SmarterMail frmCompose.aspx file access Vulnerability

Threat Level: Information

Industry ID: CVE-2004-2585 Bugtraq: 9805

Signature Description: SmarterTools SmartMail is a mail server application for Microsoft Windows. SmartMail 1.61 is

vulnerable to a cross-site scripting attack which exists in the page frmCompose.aspx. This vulnerability is due to

insufficient sanitization of user supplied data when using the spell check function. A successful exploitation of this

vulnerability allow an attacker to steal cookie-based authentication credentials on vulnerable system. This vulnerability

is fixed in SmartMail 1.62 version. Administrators are advised to update the SmartMail 1.62 version or later version to

resolve this issue.

Signature ID: 1727

SmarterTools SmarterMail frmGetAttachment.aspx Information Disclosure vulnerability

Threat Level: Information

Industry ID: CVE-2004-2586

Signature Description: SmarterTools SmartMail is a mail server application for Microsoft Windows. It is possible for a

malicious user to read any file on the system by using the file frmGetAttachment.aspx. SmarterMail 1.6.1511 and

1.6.1529 are vulnerable to a directory traversal. This vulnerability is due to insufficient sanitization of user supplied

data. A successful exploitation of this vulnerability allow an attacker to execute arbitrary commands on vulnerable

system.