ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
request to the index.php script using the 'file' variable, which would cause arbitrary commands to be executed on the
local shell of the host running the vulnerable Web site with the privileges of the Web server process. Upgrade to the latest
version of PHP-Nuke (5.5 or later), available at the vendor's website.
Signature ID: 1865
PHP-Wiki Cross-Site Scripting Vulnerability
Threat Level: Information
Industry ID: CVE-2002-1070 Bugtraq: 5254
Signature Description: PhpWiki (version 1.3.3 and prior) contains a flaw that allows a remote cross-site
scripting attack. This flaw exists because the application does not validate the pagename variable in the wiki module.
This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within
the trust relationship between the browser and the server, leading to a loss of integrity. No remedy available as of
September, 2008.
Signature ID: 1866
PhpBB viewforum.php and viewtopic.php scripts allow cross-site scripting Vulnerability
Threat Level: Information
Industry ID: CVE-2004-1809 Bugtraq: 9866 Nessus: 12093
Signature Description: phpBB (PHP Bulletin Board) is the most widely used forum script currently on the web. It is a
free and very powerful piece of software. It is easy to install and administer and allows flexibility in terms of design and
organization. phpBB (version 2.0.6d and prior) is vulnerable to cross-site scripting. A remote attacker could
embed malicious code in a specially crafted URL request to the viewforum.php or viewtopic.php script; that code runs once
the link is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
Signature ID: 1867
PHPLIB remote script execution vulnerability
Threat Level: Information
Industry ID: CVE-2001-1370 Bugtraq: 3079
Signature Description: The PHP Base Library ('PHPLIB') is a code library which provides support for session
management in web applications. It is targeted at developers and is widely used in many web applications, so a strong
possibility exists that an application may be using it without the knowledge of the administrator. A problem in
PHPLIB (versions 7.2, 7.2b, 7.2c, and 7.2.1) allows remote attackers to submit malicious input in web
requests that will cause the application to fetch and then execute scripts from another host. This may allow attackers
to gain local access to the web server. Upgrade to the latest version of PHPLIB (7.2d-1 tr or later).
Signature ID: 1868
PHPNuke Forum Module Viewtopic.php SQL Injection Vulnerability
Threat Level: Information
Bugtraq: 7193
Signature Description: PHP-Nuke is a web-based automated news publishing and content management system based
on PHP and MySQL. The system is fully controlled using a web-based user interface. PHP-Nuke (versions
6.0, 6.5 rc2) is vulnerable to SQL injection. An input validation error exists in the 'viewtopic.php' script included with
PHPNuke as part of the Forum module. Because of this, an attacker could send a malicious string through PHPNuke
that would allow the attacker to inject SQL commands and queries into the SQL database used by PHPNuke. No
remedy available as of September, 2008.