TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

271

272

273

274

275

276

277

278

279

280

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

271

Signature ID: 1947

WEB-FRONTPAGE services.cnf access Vulnerability

Threat Level: Warning

Industry ID: CVE-2002-1717

Bugtraq: 4078 Nessus: 10575

Signature Description: Microsoft Frontpage Extensions on IIS 5.1 or Apache web servers are vulnerable to Information

Disclosure vulnerability.The web server may allow remote users to read sensitive information from .cnf files.By

submitting a request for one of the vulnerable files by way of '/_vti_pvt/', will cause the host to reveal sensitive

information.

Signature ID: 1948

WEB-FRONTPAGE svcacl.cnf access Vulnerability

Threat Level: Warning

Industry ID: CVE-2002-1717 Bugtraq: 4078 Nessus: 10575

Signature Description: Microsoft Frontpage Extensions on IIS 5.1 or Apache web servers are vulnerable to Information

Disclosure vulnerability.The web server may allow remote users to read sensitive information from .cnf files.By

submitting a GET requests for one of the vulnerable files 'access.cnf', 'botinfs.cnf', 'bots.cnf' or 'linkinfo.cnf' by way of

'/_vti_pvt/', will cause the host to reveal sensitive information.

Signature ID: 1949

WEB-FRONTPAGE users.pwd access Vulnerability

Threat Level: Warning

Signature Description: Microsoft Frontpage Extensions on IIS or Apache web servers are vulnerable to Information

Disclosure vulnerability. This signature triggers when an attempt is made to compromise a host running Microsoft

FrontPage Server Extensions when an attempt is made to retrieve the file users.pwd. This file contains user password

information.The vulnerable platform is Windows 98 using Microsoft FrontPage Server Extensions.Denial of Service is

possible.

Signature ID: 1950

WEB-FRONTPAGE writeto.cnf access Vulnerability

Threat Level: Warning

Industry ID: CVE-2002-1717

Bugtraq: 4078 Nessus: 10575

Signature Description: Microsoft Frontpage Extensions on IIS 5.1 or Apache web servers are vulnerable to Information

Disclosure vulnerability. The web server may allow remote users to read sensitive information from .cnf files.

Submitting a request for one of the vulnerable files by way of '/_vti_pvt/writeto.cnf', through GET request, will cause

the host to reveal system path information. The reported problematic files are 'access.cnf', 'botinfs.cnf', 'bots.cnf' and

'linkinfo.cnf'.

Signature ID: 1951

WEB-PHP Marcus Xenakis directory.php arbitrary command attempt Vulnerability

Threat Level: Warning

Industry ID: CVE-2002-0434 Bugtraq: 4278 Nessus: 11017

Signature Description: Xenakis is vulnerable to shell command execution attacks. Marcus S. Xenakis PHP-Scripts very

often use simple calls of shell commands. The Xenakis directory.php script provides a web interface for directory

listings, similar to the 'ls' command. An issue exists in this script which could allow a user to execute arbitrary shell

commands. This is achieved by including metacharacters such as ';' or '|' in the script's input. Shell commands will

execute with the permissions of the script process, often a non-privileged user 'nobody'.