TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
Signature Description: Pod.board is a web-based portal/forum system implemented in PHP. It is available for a range of
systems, including Unix, Linux, and Microsoft Windows. The pod.board 'forum_details.php' script does not sufficiently
sanitize data supplied via the URI parameters 'user_homepage', 'user_location', 'user_nick' and 'user_signature', and
the corresponding input fields are not properly sanitized of HTML tags. This could allow execution of hostile HTML and
script code in the web client of a user who visits a web page that contains the malicious injected code. The vulnerable
version is planetinsanity.de pod.board 1.1.0.
Signature ID: 1904
WEB-PHP VBPortal friends.php access Vulnerability
Threat Level: Warning
Bugtraq: 9088
Signature Description: vbPortal is a portal application which can be used in conjunction with vBulletin forums. The
vulnerability is in the friends.php script included in vbPortal, where it may be possible for a remote attacker to relay
unauthorized e-mail. The issue occurs in the handling of the yname and ymail variables. These variables may be modified
in the headers, making it possible to define them as an arbitrary value. This could permit an attacker to send e-mail
through the server to any location, hiding behind the address of the vbPortal server. The vulnerable version is vbPortal
vbPortal 2.0.0 alpha 8.1.
Signature ID: 1905
WEB-PHP gallery remote file include Vulnerability
Threat Level: Warning
Industry ID: CVE-2003-1227 Bugtraq: 8814 Nessus: 11876
Signature Description: Gallery is prone to a remote file include vulnerability in the index.php script file. When running
on Windows or in Configuration mode on Unix, it allows remote attackers to inject arbitrary PHP code, via a URL in the
GALLERY_BASEDIR parameter, that executes with the privileges of the web server. The vulnerable versions are Gallery
1.4-pl1 and Gallery 1.4.
Signature ID: 1906
WEB-PHP myPHPNuke chatheader.php Cross site scripting Vulnerability
Threat Level: Warning
Bugtraq: 6544
Signature Description: MyPHPNuke is a Web Portal System based on PHP-Nuke 4.4.1a. It is available for the Linux
and Microsoft Windows operating systems. The vulnerability exists in the chatheader.php and partner.php script files
included with myPHPNuke. Specifically, malicious HTML code is not properly sanitized from the value for the
'Default_Theme' URI parameter. This vulnerability was reported for myPHPNuke 1.8.8_final_7 and earlier versions.
This signature detects an attacker sending XSS to the chatheader.php script.
Signature ID: 1907
WEB-PHP myPHPNuke partner.php Cross site scripting Vulnerability
Threat Level: Warning
Bugtraq: 6544
Signature Description: MyPHPNuke is a Web Portal System based on PHP-Nuke 4.4.1a. It is available for the Linux
and Microsoft Windows operating systems. The vulnerability exists in the chatheader.php and partner.php script files
included with myPHPNuke. Specifically, malicious HTML code is not properly sanitized from the value for the
'Default_Theme' URI parameter. This vulnerability was reported for myPHPNuke 1.8.8_final_7 and earlier versions.
This signature detects an attacker sending XSS to the partner.php script.