Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
31323334353637383940
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
39
Signature Description: Tarantella Enterprise 3 is a tool for centralized web interface based management of data and
applications for Unix and Linux based distributions. The 'ttawebtop.cgi' is a CGI script included with the Tarantella
Enterprise 3 3.0 to 3.20.0. It does not sufficiently validate input. As a result, using a '../' character sequence it is possible
for a remote user to traverse the directory structure, and view any file that is readable by the webserver process. This
can give an attacker valuable information that can be used in subsequent attacks.
Signature ID: 213
Access to Upload.cgi
Threat Level: Information
Nessus: 10290
Signature Description: The Common Gateway Interface (CGI) is a standard protocol for interfacing external
application software with an information server, commonly a web server. 'Upload.cgi' is a CGI program that is used to
upload files on to a web server. Many such programs having the same name are vulnerable due to insufficient parsing
of input. The vulnerabilities include file upload to arbitrary locations, file upload without authentication,etc. This
signature detects presence of "Upload.cgi".
Signature ID: 214
O'Reilly's Website Pro uploader.exe CGI vulnerability
Threat Level: Severe
Industry ID: CVE-1999-0177 Bugtraq: 1611 Nessus: 10291
Signature Description: A computer program that is responsible for accepting HTTP requests from clients and serving
them HTTP responses along with optional data contents is known as a webserver. The Common Gateway Interface
(CGI) is a standard protocol for interfacing external application software with an information server, commonly a web
server. O'Reilly's Website Pro is a webserver. A program 'uploader.exe' is present in the /cgi-win directory of this
server. 'uploader.exe' in versions of O'Reilly's Website pro software before 1.1g allows an attacker to upload arbitrary
CGI programs and then execute them using CGI requests.
Signature ID: 215
WEB-CGI ustorekeeper.pl directory traversal vulnerability
Threat Level: Severe
Industry ID: CVE-2001-0466 Bugtraq: 2536 Nessus: 10645
Signature Description: UStorekeeper is an Online Shopping System from Microburst Technologies. Directory traversal
vulnerability exists in ustorekeeper 1.0.1 to 1.8.1 (inclusive) as the script fails to properly validate user-supplied input.
This allows remote attackers to read arbitrary files via a '..' (dot dot) character sequence in the 'file' parameter. The files
are displayed with the privilege level of the webserver user.
Signature ID: 216
View_source CGI Information Disclosure Vulnerability
Threat Level: Severe
Industry ID: CVE-1999-0174
Bugtraq: 2251 Nessus: 10294
Signature Description: UNIX is a computer operating system originally developed by a group of AT&T employees at
Bell Labs. Skunkware is a variant of the UNIX Operating System distributed by Santa Cruz Operations(SCO). 'view-
source' is a script included with the httpd package bundled with Skunkware 2.0. A problem with the view-source script
allows access to restricted files remotely. The problem occurs in the handling of '../' (dot dot slash) character sequence
by the view-source script. This allows an attacker to traverse the directory structure on a web server and view any file
that is readable by the webserver process. This can give an attacker valuable information that can be used in subsequent
attacks.