TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

For instance, the request http://example/cgi-bin/GW5/GWWEB.exe?HELP=some_bad_request will reveal path
information, and http://example/cgi-bin/GW5/GWWEB.exe?HELP=../../../../../../index will list .htm and .html files.
Signature ID: 145
Access to vulnerable CGI nph-publish.cgi
Threat Level: Severe
Industry ID: CVE-1999-1177 CVE-2001-0400 Bugtraq: 2563 Nessus: 10164
Signature Description: The nph-publish.cgi script allows Apache to "publish" files created with Netscape Navigator
Gold or one of the other HTML editors. This CGI has a well-known directory traversal vulnerability in versions prior to
version 1.2 that allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the path name for an upload
operation.
Signature ID: 146
Multiple Vendor nph-test-cgi Vulnerability
Threat Level: Severe
Industry ID: CVE-1999-0045 Bugtraq: 686 Nessus: 10165
Signature Description: No Parsed Headers scripts are scripts that print the entire HTTP response including all
necessary header fields. The web server is thereby instructed not to parse the headers or add any missing headers. A
security hole exists in the nph-test-cgi script included in most UNIX-based web server distributions. The problem is
that nph-test-cgi, which prints out information on the current web environment (just like 'test-cgi' does), does not
enclose its arguments to the 'echo' command inside quotes ("). Hence, an attacker can use. An attacker can hence
browse the server's file system using specially crafted GET requests.
Signature ID: 148
Oracle XSQL Sample Application Vulnerability
Threat Level: Warning
Nessus: 10613
Signature Description: Oracle Application Server is a J2EE-certified application server. Oracle 9i AS integrates the
technology required to develop and deploy e-business portals, transactional applications, and Web services into a single
product. It installs with sample pages that demonstrate various functions of the software. Many of these pages can be
used by attackers to breach the security of the system. Specially crafted requests to
'/xsql/java/xsql/demo/adhocsql/query.xsql' can be used to run arbitrary SQL queries (under an unprivileged account)
using the 'sql' parameter. Though the user cannot modify or delete the data in the database, he can use this vulnerability to
enumerate database users and view table names.
Signature ID: 149
MacOS X Finder reveals contents of Apache Web directories vulnerability
Threat Level: Warning
Industry ID: CVE-2001-1446 Bugtraq: 3316,3325,3324 Nessus: 10756
Signature Description: Mac OS X is a line of computer operating systems developed, marketed, and sold by Apple
Inc., which comes pre-loaded on Macintosh computers. 'Finder' is the default application program used on the Mac OS
and Mac OS X operating systems that is responsible for the overall user-management of files, disks, network volumes
and the launching of other applications. MacOS X creates a hidden file, '.DS_Store', in each directory that has been
viewed with the 'Finder'. This file contains a list of the contents of the directory. In Apple Mac OS X 10.0 to 10.0.3
with the Apache Software Foundation Apache 1.3.14 Mac webserver installed, an attacker can access this file through
mixed case file requests. Accessing this file gives an attacker information about the structure and contents of the
webserver.
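
The request patterns described for signatures 145 to 149 and for the GWWEB.exe HELP example above, written as a check over web server access logs. This is an added example, not the TMS zl Module's own signature logic; the rule names, matching conditions and sample log lines are constructed assumptions based on the descriptions.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed access-log lines for illustration (not captured traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /cgi-bin/GW5/GWWEB.exe?HELP=../../../../../../index HTTP/1.0" 200 812',
    '192.0.2.10 - - [01/Jan/2024:10:00:02 +0000] "GET /cgi-bin/nph-publish.cgi HTTP/1.0" 200 120',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /cgi-bin/nph-test-cgi?x=1 HTTP/1.0" 200 300',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /xsql/java/xsql/demo/adhocsql/query.xsql?sql=select+1+from+dual HTTP/1.0" 200 95',
    '192.0.2.13 - - [01/Jan/2024:10:00:12 +0000] "GET /docs/.Ds_Store HTTP/1.0" 200 6148',
    '192.0.2.14 - - [01/Jan/2024:10:00:15 +0000] "GET /index.html HTTP/1.0" 200 1024',
]

REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/\d\.\d"')


def classify(target):
    """Return the (hypothetical) rule names that a request target matches."""
    parts = urlsplit(target)
    segments = unquote(parts.path).split("/")   # decode %xx before matching
    lowered = [s.lower() for s in segments]
    query = parse_qs(parts.query, keep_blank_values=True)
    hits = []
    # GWWEB.exe: a ".." sequence in the HELP parameter (the page's example URL).
    if "gwweb.exe" in lowered and any(".." in v for v in query.get("HELP", [])):
        hits.append("gwweb-help-traversal")
    # Signatures 145 and 146: any access to the named CGI script.
    if "nph-publish.cgi" in segments:
        hits.append("sig145-nph-publish")
    if "nph-test-cgi" in segments:
        hits.append("sig146-nph-test-cgi")
    # Signature 148: the ad hoc query demo page called with a 'sql' parameter.
    if unquote(parts.path).lower().endswith("/adhocsql/query.xsql") and "sql" in query:
        hits.append("sig148-xsql-adhocsql")
    # Signature 149: .DS_Store requested in any letter case (mixed case requests).
    if ".ds_store" in lowered:
        hits.append("sig149-ds-store")
    return hits


def scan(lines):
    """Return (rule, request target) pairs for every matching log line."""
    findings = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if match:
            findings.extend((rule, match.group(1)) for rule in classify(match.group(1)))
    return findings
```
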