TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

Signature ID: 1891
WEB-PHP WebChat english.php file include Vulnerability
Threat Level: Information
Industry ID: CVE-2007-0485
Bugtraq: 7000,22153
Signature Description: WebChat is an open-source PHP-based chat program, developed by Webdev. WebChat version
0.77 could allow a remote attacker to include malicious PHP files. A remote attacker could send a specially crafted
URL request to the defines.php script that specifies the db_mysql.php or english.php script from a remote system as a
parameter, which would allow the attacker to execute code on the vulnerable Web server. Upgrade to the latest version of
WebChat, available at the vendor's website.
Signature ID: 1892
WEB-PHP YaBB SE packages.php file include Vulnerability
Threat Level: Information
Bugtraq: 6663
Signature Description: YaBB (Yet Another Bulletin Board) is an open-source bulletin board system that runs on any
system capable of executing Perl CGI scripts. YaBB SE versions prior to 1.5.0 could allow a remote attacker to include
malicious PHP files. A remote attacker could use the $sourcedir variable with the Packages.php script that specifies the
Packer.php script from a remote system as a parameter, which would allow the attacker to execute code on the
vulnerable Web server. No remedy available as of 2008.
Signature ID: 1894
WEB-PHP Nuke Remote File Copy Vulnerability
Threat Level: Information
Industry ID: CVE-2001-1032
Bugtraq: 3361
Signature Description: PHP-Nuke is a web-based automated news publishing and content management system based
on PHP and MySQL. The system is fully controlled using a web-based user interface. PHP-Nuke (versions
5.0, 5.0.1, 5.1, and 5.2) could allow a remote attacker to overwrite files on the web server, caused by a vulnerability in
the admin.php script. When the admin.php script is requested with the 'upload' variable set, the script fails to check
whether the user is an administrator. A remote attacker could exploit this vulnerability to copy, upload, and overwrite
arbitrary files on the Web server. No remedy available as of August, 2008.
Signature ID: 1896
VBulletin Calendar.PHP Command Execution Vulnerability
Threat Level: Severe
Industry ID: CVE-2002-1660 CVE-2004-1785 CVE-2002-2157
Bugtraq: 5820,9353
Nessus: 11179
Signature Description: vBulletin is a programme that is used to create Internet Forums or Message Boards. vBulletin
was written in PHP using a MySQL database server. vBulletin (versions 2.2.0 and prior) could allow a remote
attacker to execute commands on the server. A remote attacker could pass arbitrary shell commands (such as ;,:,|,/,\) to
the web server using an HTTP request to the calendar.php script, which would be executed on the system with
privileges of the user.
Signature ID: 1897
WEB-PHP E107 chatbox.php DOS Vulnerability
Threat Level: Information
Industry ID: CVE-2003-1191 Bugtraq: 8930
Signature Description: E107 is an open source content management system (CMS) that allows for the quick creation and
management of websites or community portals. E107 (versions 0.545, 0.603) is vulnerable to a denial of service.
The issue has been reported to exist due to improper handling of user-supplied data in the form of HTML or script code
to the 'Name:' field of Chatbox.php script. This issue may cause the software to behave in an unstable manner leading