TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
visitor opens the page, the server processes the PHP commands and then sends the results to the visitor's browser. This
rule triggers when an attacker requests '.php' files with the 'path' parameter. Successful exploitation of this
issue allows an attacker to execute arbitrary PHP code.
Signature ID: 1919
WEB-PHP rolis guestbook access Vulnerability
Threat Level: Warning
Bugtraq: 9057
Signature Description: MediaWiki 'IP' is vulnerable to Parameter Remote File Include. The problem occurs due to
insufficient input validation carried out on user-supplied URI parameters. As a result, an attacker may be capable of
causing a malicious PHP header file to be interpreted by a target system. Depending on the payload, this could
potentially allow an attacker to gain unauthorized remote access to a vulnerable system. Vulnerable platforms are
MediaWiki-stable 20031107 and MediaWiki-stable 20030829.
Signature ID: 1920
WEB-PHP rolis guestbook remote file include Vulnerability
Threat Level: Warning
Bugtraq: 9057
Signature Description: MediaWiki 'IP' is vulnerable to Parameter Remote File Include. The problem occurs due to
insufficient input validation carried out on user-supplied URI parameters. As a result, an attacker may be capable of
causing a malicious PHP header file to be interpreted by a target system. Depending on the payload, this could
potentially allow an attacker to gain unauthorized remote access to a vulnerable system. Vulnerable platforms are
MediaWiki-stable 20031107 and MediaWiki-stable 20030829.
Signature ID: 1921
WEB-PHP smssend.php access Vulnerability
Threat Level: Warning
Industry ID: CVE-2002-0220 Bugtraq: 3982
Signature Description: PhpSmsSend is a front end to the SmsSend program, and allows users to send SMS messages
through a web interface. SmsSend is available for Linux and Microsoft Windows. PhpSmsSend 1.0 does not properly
validate user-supplied input which is passed to a shell command. A malicious party may include escape characters such
as '`' in the input, and execute additional, arbitrary shell commands. This may lead to local access to the vulnerable
system.
Signature ID: 1922
WEB-PHP squirrel mail spell-check arbitrary command Vulnerability
Threat Level: Warning
Bugtraq: 3952
Signature Description: SquirrelMail is a feature-rich webmail program implemented in the PHP4 language. It is
available for Linux and Unix based operating systems. The vulnerability exists in SquirrelSpell, a spellchecker script
that is one of the plugins included with SquirrelMail. A remote user can call this script with additional shell commands
included in these variables. The shell commands are then executed as the web server, which makes it possible to gain local
access to the machine as the non-privileged user 'nobody'.
Signature ID: 1923
WEB-PHP squirrel mail theme arbitrary command Vulnerability
Threat Level: Severe
Industry ID: CVE-2002-0516 Bugtraq: 4385
Signature Description: SquirrelMail is a feature-rich webmail program implemented in the PHP4 language. It is