ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
available for Linux and Unix based operating systems. SquirrelMail allows for extended functionality through a plugin
system. A vulnerability has been reported in some versions of SquirrelMail: it is possible to corrupt the variable used to
select a user's theme through maliciously constructed cookie data and force the vulnerable script to execute arbitrary
commands.
Signature ID: 1924
WEB-PHP W4 Server Cgitest.exe Buffer Overflow Vulnerability
Threat Level: Warning
Bugtraq: 802
Signature Description: W4-Server 2.6a, a 32-bit personal web server by Antelope Software, has a flaw in its Cgitest.exe
script. This compiled sample CGI executable fails to perform bounds checking on user-supplied data sent to it and is
vulnerable to a buffer overflow. Remote attackers can send carefully constructed values to overflow the buffer and
execute arbitrary code.
Signature ID: 1926
WEB-FRONTPAGE access.cnf access Vulnerability
Threat Level: Warning
Industry ID: CVE-2002-1717 Bugtraq: 4078 Nessus: 10575
Signature Description: Microsoft Internet Information Server (IIS) version 5.1 could reveal file contents. If a remote
attacker sends a specially-crafted GET request containing "dot dot" sequences (/../) to the server for one of the .cnf files
in the /_vti_pvt/ directory, the attacker could cause the server to return the contents of the requested file.
Signature ID: 1927
WEB-FRONTPAGE administrators.pwd access Vulnerability
Threat Level: Warning
Bugtraq: 1205
Signature Description: Microsoft FrontPage Extensions creates an administrators.pwd file inside the _vti_pvt directory
in the HTTP server's document root. This file contains encrypted passwords which could be remotely retrieved by an
attacker and cracked offline. If the passwords in this file are weak enough, or enough time is spent cracking them, the
attacker could potentially obtain the plaintext password and use it to access resources on the server.
Signature ID: 1928
WEB-FRONTPAGE author.exe access Vulnerability
Threat Level: Warning
Bugtraq: 2144
Signature Description: Microsoft IIS ships with FrontPage Server Extensions (FPSE), which enable administrators to
manage web pages and content remotely and locally. This event is generated when an attempt is made to use a
FrontPage client to connect and/or publish content to a web server with FrontPage Server Extensions enabled.
Vulnerable platforms are Microsoft IIS 4.0 and 5.0.
Signature ID: 1929
WEB-FRONTPAGE cfgwiz.exe access vulnerability
Threat Level: Warning
Signature Description: Microsoft FrontPage Server Extensions 2002 and prior versions have serious security
vulnerabilities which could enable an attacker to run arbitrary code on a user's system. An attacker exploiting this
vulnerability will try to access the FRONTPAGE /cfgwiz.exe file and could be able to run code with Local
System privileges on an affected system, or could cause FrontPage Server Extensions to fail.