TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
252
Signature ID: 1850
WEB-PHP DCP-Portal remote file include editor script vulnerability
Threat Level: Warning
Industry ID: CVE-2006-4837 Bugtraq: 6525,20024
Signature Description: DCP-Portal is a content management system that enables various web based updates. It enables
an administrator to remotely manage the entire site, and allow members to submit news or content and reviews etc.
DCP-Portal(DCP-Portal version 6.0) could allow remote attackers to include arbitrary files. A remote attacker could
send a specially-crafted URL to the library/editor/editor.php script using the root parameter. An attacker could use this
vulnerability to execute arbitrary PHP code in the vulnerable web server. No remedy available as of September, 2008.
Signature ID: 1852
WEB-PHP DNSTools administrator authentication bypass Vulnerability
Threat Level: Information
Industry ID: CVE-2002-0613 Bugtraq: 4617
Signature Description: DNSTools is a web based management tool for DNS information. It is implemented in PHP,
and available for Liunx and solaris. DNSTools(DNSTools version 2.0b2 and prior) could allow a remote attacker to
bypass authentication and modify DNS entries. A remote attacker could send a specially-crafted URL request to the
dnstools.php script containing manipulated values for the user_dnstools_administrator to gain administrator access to
DNSTools. Upgrade to the latest version of DNSTools(2.0 beta 5 or later), available at vendor's website.
Signature ID: 1853
WEB-PHP DNSTools authentication bypass Vulnerability
Threat Level: Information
Industry ID: CVE-2002-0613 Bugtraq: 4617
Signature Description: DNSTools is a web based management tool for DNS information. It is implemented in PHP,
and available for Liunx and solaris. DNSTools(DNSTools version 2.0b2 and prior) could allow a remote attacker to
bypass authentication and modify DNS entries. A remote attacker could send a specially-crafted URL request to the
dnstools.php script containing manipulated values for the user_logged_in to gain administrator access to DNSTools.
Upgrade to the latest version of DNSTools(2.0 beta 5 or later), available at vendor's website.
Signature ID: 1854
WEB-PHP MediaWiki DatabaseFunctions.php access Vulnerability
Threat Level: Information
Bugtraq: 9057
Signature Description: A vulnerability has been reported in MediaWiki, which can be exploited by malicious people to
compromise a vulnerable system.The vulnerability is caused due to an input validation error in "UpdateClasses.php",
"Title.php", "Setup.php", "GlobalFunctions.php", and "DatabaseFunctions.php". This can be exploited to execute
arbitrary code on a vulnerable system by supplying a path to a malicious file on a remote system via the "$IP" variable.
Affected versions are MediaWiki-stable 20031107 and MediaWiki-stable 20030829. This signature detects access to
DatabaseFunctions.php.
Signature ID: 1855
WEB-PHP MediaWiki GlobalFunctions.php access Vulnerability
Threat Level: Information
Bugtraq: 9057
Signature Description: A vulnerability has been reported in MediaWiki, which can be exploited by malicious people to
compromise a vulnerable system.The vulnerability is caused due to an input validation error in "UpdateClasses.php",
"Title.php", "Setup.php", "GlobalFunctions.php", and "DatabaseFunctions.php". This can be exploited to execute