Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
31323334353637383940
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
32
support threads this will prevent the server from serving other clients. Thus, an attacker can launch a denial of service
attack.
Signature ID: 179
Caldera OpenLinux 2.3 rpm_query CGI Vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0192
Bugtraq: 1036 Nessus: 10340
Signature Description: Linux is a Unix-like computer operating system. Caldera OpenLinux is a defunct Linux
distribution that was created by the Caldera Systems corporation. The default installation of Caldera OpenLinux 2.3
includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the
system. The 'rpm_query' CGI is installed in '/home/httpd/cgi-bin/'. Any user can run this CGI and obtain a listing of the
installed packages with version information. This could be used to determine the vulnerabile software on the server.
Signature ID: 180
Sambar Web Server CGI scripts vulnerability
Threat Level: Severe
Industry ID: CVE-2000-0213 Bugtraq: 1002 Nessus: 10246
Signature Description: Sambar server is a multi-threaded, extensible application server with highly programmable API.
Sambar Server 4.2 beta 7 for Windows NT and 2000 supports DOS-style batch programs as CGI scripts. A remote
attacker can use any batch file used by the server in the 'cgi-bin' directory to run any valid command-line program with
administrator privileges. This allows the attacker to read, modify, create, or delete any file or directory on the system,
including user accounts, etc. Even if the user hasn't enabled or created any batch files, the software ships with two by
default: 'hello.bat' and 'echo.bat'.
Signature ID: 181
Sambar /cgi-bin/mailit.pl vulnerability
Threat Level: Severe
Nessus: 10417
Signature Description: Sambar server is a multi-threaded, extensible application server with highly programmable API.
Sambar Server 5.2 is vulnerable due to a demo CGI script called 'mailit.pl'. Eventhough the access to 'mailit.pl' is
restricted to localhost, an attacker can still execute it using a specially crafted POST request. It can be used to relay
mail, to access files on the server and to upload files to the server.
Signature ID: 182
Sambar webserver pagecount file corruption vulnerability
Threat Level: Warning
Industry ID: CVE-2001-1010 Bugtraq: 3091,3092 Nessus: 10711
Signature Description: Sambar server is a multi-threaded, extensible application server with highly programmable API.
Directory traversal vulnerability in pagecount CGI sample script of Sambar Server 4.4 production to 5.0 beta
4(inclusive) allows remote attackers to overwrite arbitrary files via a .. (dot dot) attack on the page parameter. Files
attacked in this manner will be corrupted. Loss of critical data and a denial of services may occur if system files are
overwritten.
Signature ID: 183
Directory listing through Sambar server search.dll vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0835 Bugtraq: 1684 Nessus: 10514
Signature Description: Sambar server is a multi-threaded, extensible application server with highly programmable API.
Sambar ISAPI Search utility 'search.dll' in Sambar Server 3.0 to 4.4 Beta 3 (inclusive) allows remote attackers to read