ProCurve TMS zl Module IPS/IDS Signature Reference Guide, Version RLX.10.2.2.94

arbitrary code on a vulnerable system by supplying a path to a malicious file on a remote system via the "$IP" variable.
Affected versions are MediaWiki-stable 20031107 and MediaWiki-stable 20030829. This signature detects access to
GlobalFunctions.php.

Signature ID: 1856
WEB-PHP IGeneric Free Shopping Cart page.php access Vulnerability
Threat Level: Information
Bugtraq: 9773
Signature Description: IGeneric Free Shopping Cart is a freely available shopping cart implemented in PHP with a MySQL backend. iGeneric Free Shopping Cart version 1.4 is vulnerable to cross-site scripting. A remote attacker could embed malicious script within the type_id variable in a URL request to the page.php script; the script would be executed in the victim's web browser once the link is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. No remedy available as of August 2008.

Signature ID: 1857
WEB-PHP IdeaBox cord.php file include Vulnerability
Threat Level: Information
Bugtraq: 7488
Signature Description: PhpOutsourcing IdeaBox is a web-based suggestion box. It is available for a variety of platforms, including Microsoft Windows, Linux, and Unix. IdeaBox (PhpOutsourcing IdeaBox versions 1.0, 1.1) could allow a remote attacker to include malicious PHP files. By sending a specially-crafted URL request to the generformlib_date.php, notification.php, zmail.php, user.php, globalsettings.php, init.php, idea.php, history.php or cord.php scripts, using the $gorumDir or $ideaDir variable to specify a malicious PHP file on a remote system, a remote attacker can exploit this vulnerability to execute arbitrary code on the affected server. No remedy available as of August 2008. This signature detects traffic to cord.php.

Signature ID: 1858
WEB-PHP IdeaBox notification.php file include Vulnerability
Threat Level: Information
Bugtraq: 7488
Signature Description: PhpOutsourcing IdeaBox is a web-based suggestion box. It is available for a variety of platforms, including Microsoft Windows, Linux, and Unix. IdeaBox (PhpOutsourcing IdeaBox versions 1.0, 1.1) could allow a remote attacker to include malicious PHP files. By sending a specially-crafted URL request to the generformlib_date.php, notification.php, zmail.php, user.php, globalsettings.php, init.php, idea.php, history.php or cord.php scripts, using the $gorumDir or $ideaDir variable to specify a malicious PHP file on a remote system, a remote attacker can exploit this vulnerability to execute arbitrary code on the affected server. No remedy available as of August 2008. This signature detects traffic to notification.php.

Signature ID: 1859
WEB-PHP Invision Board emailer.php file include Vulnerability
Threat Level: Information
Bugtraq: 7204
Signature Description: Invision Board is web forum software. It is implemented in PHP and is available for Unix, Linux, and Microsoft Windows operating systems. Invision Power Board version 1.1.1 is vulnerable. If register_globals and allow_url_fopen are enabled, a remote attacker could send a specially-crafted URL request to the ad_member.php script that specifies a malicious file from a remote system as a parameter, and thereby execute code on the vulnerable Web server.