Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
31323334353637383940
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
34
'sendtemp.pl' is vulnerable to a directory traversal and file retrieval vulnerability. Using this script, an attacker can view
contents of directories outside of the configured template directory with the privileges of the apache web server
process.
Signature ID: 189
Shells in /cgi-bin vulnerability
Threat Level: Severe
Industry ID: CVE-1999-0509 Nessus: 10252
Signature Description: A shell interpreter is a software for interacting with the computer operating system using
commands to perform specific tasks. The Common Gateway Interface (CGI) is a standard protocol for interfacing
external application software with an information server, commonly a web server. All CGI based services are placed in
a particular folder on the http server. If a shell interpreter is placed in this folder, an attacker can execute any
commands with the privileges of the http server. This signature detects the access to Almquist shell in the CGI
directory.
Signature ID: 190
Shells in /cgi-bin vulnerability
Threat Level: Severe
Industry ID: CVE-1999-0509 Nessus: 10252
Signature Description: A shell interpreter is a software for interacting with the computer operating system using
commands to perform specific tasks. The Common Gateway Interface (CGI) is a standard protocol for interfacing
external application software with an information server, commonly a web server. All CGI based services are placed in
a particular folder on the http server. If a shell interpreter is placed in this folder, an attacker can execute any
commands with the privileges of the http server. This signature detects the access to Bourne-Again shell in the CGI
directory.
Signature ID: 191
Shells in /cgi-bin vulnerability
Threat Level: Severe
Industry ID: CVE-1999-0509 Nessus: 10252
Signature Description: A shell interpreter is a software for interacting with the computer operating system using
commands to perform specific tasks. The Common Gateway Interface (CGI) is a standard protocol for interfacing
external application software with an information server, commonly a web server. All CGI based services are placed in
a particular folder on the http server. If a shell interpreter is placed in this folder, an attacker can execute any
commands with the privileges of the http server. This signature detects the access to C shell in the CGI directory.
Signature ID: 192
Shells in /cgi-bin vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0509 Nessus: 10252
Signature Description: A shell interpreter is a software for interacting with the computer operating system using
commands to perform specific tasks. The Common Gateway Interface (CGI) is a standard protocol for interfacing
external application software with an information server, commonly a web server. All CGI based services are placed in
a particular folder on the http server. If a shell interpreter is placed in this folder, an attacker can execute any
commands with the privileges of the http server. This signature detects the access to Korn shell in the CGI directory.