TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
268
Signature ID: 1930
WEB-FRONTPAGE contents.htm access Vulnerability
Threat Level: Warning
Signature Description: Microsoft FrontPage Server Extensions 2002 and prior version have serious security
vulnerabilities which could enable an attacker to run arbitrary code on a user's system.An attacker who successfully
exploited this vulnerability could be able to run code with Local System privileges on an affected system, or could
cause FrontPage Server Extensions to fail. This signature detects access to vulnerable contents.htm file.
Signature ID: 1931
WEB-FRONTPAGE form_results access Vulnerability
Threat Level: Warning
Industry ID: CVE-1999-1052
Signature Description: Microsoft FrontPage stores form results in a default location in /_private/form_results.txt,
which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive
information submitted by other users. The attacker is required to have prior knowledge of file names to exploit this
vulnerability, which does not yield any other privileges than read access.
Signature ID: 1932
WEB-FRONTPAGE form_results.htm access Vulnerability
Threat Level: Warning
Industry ID: CVE-1999-1052
Signature Description: A vulnerability in the file access protocols of the Microsoft Personal Web Server (PWS) and
FrontPage PWS could allow arbitrary files to be remotely read. Microsoft FrontPage Server Extensions 2002 and prior
version have serious security vulnerabilities which could enable an attacker to run arbitrary code on a user's system. An
attacker who successfully exploited this vulnerability could be able to run code with Local System privileges on an
affected system, or could cause FrontPage Server Extensions to fail. The attacker is required to have prior knowledge
of file names to exploit this vulnerability, which does not yield any other privileges than read access.
Signature ID: 1933
WEB-FRONTPAGE fpadmcgi.exe access Vulnerability
Threat Level: Warning
Signature Description: On the Web server computer, Fpadmdll.dll or Fpadmcgi.exe acts as the form handler for any of
the SharePoint Team Services and FrontPage 2002 Server Extensions HTML Administration pages.Microsoft
FrontPage Server Extensions 2002 and prior version have serious security vulnerabilities which could enable an
attacker to run arbitrary code on a user's system. An attacker who successfully exploited this vulnerability could be able
to run code with Local System privileges on an affected system, or could cause FrontPage Server Extensions to fail.
Signature ID: 1934
WEB-FRONTPAGE fpadmin.htm access Vulnerability
Threat Level: Warning
Signature Description: HTML Administration Forms is used to install and administer Microsoft FrontPage Server
Extensions remotely with a Web browser. When you install FrontPage Server Extensions during Microsoft Office
Server Extensions (OSE) Setup, the forms are copied to your Web server. When you install the forms on your Web
server, your home page for the HTML Administration Forms is Fpadmin.htm. Microsoft FrontPage Server Extensions
2002 and prior version have serious security vulnerabilities which could enable an attacker to run arbitrary code on a
user's system. An attacker who successfully exploited this vulnerability could be able to run code with Local System
privileges on an affected system, or could cause FrontPage Server Extensions to fail.