Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
31323334353637383940
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
36
vulnerable CGI program is 'siteUserMod.cgi'. The attacker can then access or modify information pertaining to any
account on the system and remove all logs that record the modifications made by him.
Signature ID: 198
SIX Webboard's generate.cgi vulnerability
Threat Level: Severe
Industry ID: CVE-2001-1115
Bugtraq: 3175 Nessus: 10725
Signature Description: SIX-webboard is a Web bulletin board application developed by Sixhead. The Common
Gateway Interface (CGI) is a standard protocol for interfacing external application software with an information server,
commonly a web server. SIX-webboard 2.01 'generate.cgi' CGI program does not filter ".." and "/" from the user input.
This allows malicious users to enter arbitrary values in order to view or retrieve files not normally accessible to them
from the remote host. This can give an attacker valuable information that can be used in subsequent attacks.
Signature ID: 199
Sojourn File Access Vulnerability
Threat Level: Severe
Industry ID: CVE-2000-0180 Bugtraq: 1052 Nessus: 10349
Signature Description: Sojourn is a search engine similar to 'Yahoo!'. The Sojourn software includes the ability to
organize a website into categories. These categories can then be accessed via the sojourn.cgi Perl script. Each category
has an associated .txt file based on the category name. The program appends the .txt extension onto the contents of the
'cat' variable. by appending %00 to the end of the requested file, a malicious user can prevent the .txt extension from
being appended to the filename. The Generation Terrorists Designs & Concepts Sojourn 2.0 'sojourn.cgi' program
accepts '../' string in the variable contents. This gives a malicious user read access to any file with the privileges of the
web server.
Signature ID: 200
Spin_client.cgi buffer overrun vilnerability
Threat Level: Warning
Nessus: 10393
Signature Description: SpinBox is an ad serving and hosting solution. The Common Gateway Interface (CGI) is a
standard protocol for interfacing external application software with an information server, commonly a web server.
There is a buffer overrun in the 'spin_client.cgi' CGI program, which will allow anyone to execute arbitrary commands
with the same privileges as the web server (root or nobody).
Signature ID: 201
SQLQHit Directory Structure Disclosure vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0986 Bugtraq: 3339
Signature Description: Structured Query Language (SQL) is a database computer language designed for the retrieval
and management of data in relational database management systems (RDBMS). Internet Information Server (IIS) is a
popular web server on Microsoft Windows platform. The sqlqhit.asp sample file is used for performing web-based SQL
queries. In Internet Information Services server 4.0 running Index Server 2.0, a malicious user can reveal the path
information, file attributes, and possibly some lines of the file contents by directly calling 'sqlqhit.asp' with a CiScope
parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo.
Signature ID: 202
Thinking Arts ES.One Directory Traversal Vulnerability
Threat Level: Severe
Industry ID: CVE-2001-0305 Bugtraq: 2385 Nessus: 10639