TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
29
Signature ID: 164
PHP-Nuke Remote File (Copy/Delete) Vulnerability
Threat Level: Severe
Industry ID: CVE-2001-1032
Bugtraq: 3361 Nessus: 10772
Signature Description: PHP Nuke is a website creation/maintenance tool written in PHP3. PHP-Nuke versions 5.2 and
earlier suffer from a vulnerability. The vulnerability is caused by inadequate processing of queries by PHP-Nuke's
admin.php which enables attackers to copy any file off the operating system to anywhere else on the operating system
or even delete the files.
Signature ID: 165
PHP-Nuke security vulnerability (bb_smilies.php)
Threat Level: Warning
Industry ID: CVE-2001-0320 CVE-2001-0001 Bugtraq: 2422 Nessus: 10630
Signature Description: PHP-Nuke is a web-based automated news publishing and content management system based
on PHP and MySQL. bb_smilies.php in PHP-Nuke 4.4 allows remote attackers to gain PHP administrator privileges
and read arbitrary files by inserting a null character and '..' (dot dot) sequence into a malformed username argument.
Signature ID: 166
PHP-Nuke Gallery Add-on Arbitrary File View Vulnerability
Threat Level: Severe
Industry ID: CVE-2001-0900 Bugtraq: 3554 Nessus: 10810
Signature Description: PHP-Nuke is a web-based automated news publishing and content management system based
on PHP and MySQL. Bharat Mediratta Gallery is a free, open source web-based photo album which may be used as an
add-on for the PHPNuke web portal. Bharat Mediratta Gallery 1.2.2 and prior versions on Francisco Burzi PHP-Nuke
5.0 are vulnerable to the directory traversal vulnerability that allows remote user to view arbitrary files on the web
serverwith the priviliges of the web server.
Signature ID: 167
PHP-Nuke' opendir vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0321
Nessus: 10655
Signature Description: PHP-Nuke is a web-based automated news publishing and content management system based
on PHP and MySQL. PHP-Nuke version 4.4 contains a vulnerability in the handling of the requesturl URL parameter
when passed to the opendir.php script. It is possible for a remote attacker to view the contents of files readable by the
Web server. It is also possible for the attacker to submit a URL to an external PHP script (on another host), which
would then be retrieved and included/executed. Hence, arbitrary command execution with the privileges of http server
is possible.
Signature ID: 168
PHP/FI Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-1999-0058 Bugtraq: 712 Nessus: 10178
Signature Description: PHP is a computer scripting language designed for producing dynamic web pages. The PHP/FI
package which was originally written by Rasmus Lerdorf is an is an HTML-embedded scripting language. Since it's
inception PHP/FI has been turned over to another development team and is now known only as PHP. PHP PHP/FI 2.0
b10 and prior versions are vulnerable to a buffer overflow in the function FixFilename() function in file.c. If strings
with length of around 8 kilobytes are passed to the function's buffers that are 128 bytes long, the stack can be
overwritten, making it possible for an attacker to obtain shell access to the machine running the web server.