TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

251

252

253

254

255

256

257

258

259

260

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

256

Signature ID: 1869

PayPal Store Front index.php Remote File Include Vulnerability

Threat Level: Warning

Bugtraq: 8791 Nessus: 11873

Signature Description: PayPal is an online shopping cart system that lets anyone with an email address securely send

and receive online payments using their credit card or bank account. PayPal requires PHP4 and MySQL database on a

Unix or Linux-base operating system. PayPal(PayPal version 3.0) Store Front could allow a remote attacker to include

malicious PHP files, caused by a vulnerability in the index.php script. By sending a specially-crafted URL request to

the index.php script using the 'page' variable, an attacker can use this vulnerability to execute arbitrary code on the

vulnerable web server. No remedy available as of September, 2008.

Signature ID: 1870

WEB-PHP Phorum Multiple Cross-Site Scripting/HTML Injection Vulnerabilities

Threat Level: Information

Industry ID: CVE-2004-0034 Bugtraq: 9361

Signature Description: Phorum is an open source message board system written in PHP. The package is designed to

add enhanced features to a web page, allowing users to interact through bulletin board style chats forums.

Phorum(PHP, Phorum versions 3.4, 3.4.1, and 3.4.5) is a cross-site scripting vulnerability. A remote attacker could

create a malicious URL link containing embedded script to the common.php, profile.php, or login.php scripts, once the

link is clicked. An attacker can use this vulnerability to execute arbitrary code on the vulnerable server.

Signature ID: 1871

WEB-PHP Phorum Arbitrary File Read Vulnerability

Threat Level: Information

Bugtraq: 1997

Signature Description: Phorum is an open source message board system written in PHP. The package is designed to

add enhanced features to a web page, allowing users to interact through bulletin board style chats forums.

Phorum(Phorum version 3.0.x) could allow a remote attacker to traverse directories on the server. By sending a

specially-crafted common.php URL containing "dot dot" sequences(/../) to read files on the web server. An attacker can

use this vulnerability to obtain sensitive information, such as valid accounts. Upgrade the latest version of Phorum,

available at vendor's website.

Signature ID: 1872

WEB-PHP Phorum admin access Vulnerability

Threat Level: Information

Industry ID: CVE-2000-1228 Bugtraq: 2271

Signature Description: Phorum can allow remote users access to restricted files on the local system. This is due to the

handling of passwords by the program. By sending a custom crafted string to the admin.php3 script, it's possible to

change the administrative password of the board without verification of the users credentials. The "default.langname

name" field in the Master settings can then be changed to any file of the users liking, which upon reload, will be output

as the page. This problem makes it possible for a user with malicious motives to take control of the message board,

read any file on the system, and potentially gain remote access. Phorum 3.0.7 is a Vulnerable version. Upgrade the

latest version of Phorum 3.2.11, available at vendor's website.

Signature ID: 1873

WEB-PHP Phorum authentication access Vulnerability

Threat Level: Information

Industry ID: CVE-2000-1230 Bugtraq: 2274