TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
41
Signature ID: 221
WebActive world readable log file vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0642
Bugtraq: 1497 Nessus: 10470
Signature Description: A computer program that is responsible for accepting HTTP requests from clients and serving
them HTTP responses along with optional data contents is known as a webserver. WEBactive is an HTTP server by
ITAfrica. The default configuration of WebActive HTTP Server 1.0 stores the web access log file - 'active.log', in the
web root directory. This allows remote attackers to view the logs by directly requesting the page. An attacker may use
this to obtain valuable information about the site including visitor details and popularity information.
Signature ID: 222
Misconfigured Webcart information disclosure vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0610 Bugtraq: 2281 Nessus: 10298
Signature Description: WebCart is a web commerce product provided by Mountain Network Systems, Inc. Default
installations of Mountain Network Systems Inc. WebCart 1.0 are vulnerable to information disclosure due to
misconfiguration of access policies. The program writes customer order information in remotely accessible text
files.This information includes credit card details and other sensitive information. This signature detects access to
'/webcart/orders/' file.
Signature ID: 223
Misconfigured Webcart information disclosure vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0610 Bugtraq: 2281 Nessus: 10298
Signature Description: WebCart is a web commerce product provided by Mountain Network Systems, Inc. Default
installations of Mountain Network Systems Inc. WebCart 1.0 are vulnerable to information disclosure due to
misconfiguration of access policies. The program writes customer order information in remotely accessible text
files.This information includes credit card details and other sensitive information. This signature detects access to
'/webcart/carts/' directory.
Signature ID: 224
Misconfigured Webcart information disclosure vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0610 Bugtraq: 2281 Nessus: 10298
Signature Description: WebCart is a web commerce product provided by Mountain Network Systems, Inc. Default
installations of Mountain Network Systems Inc. WebCart 1.0 are vulnerable to information disclosure due to
misconfiguration of access policies. The program writes customer order information in remotely accessible text
files.This information includes credit card details and other sensitive information. This signature detects access to
'/webcart/config/' directory.
Signature ID: 225
Misconfigured Webcart information disclosure vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0610
Bugtraq: 2281 Nessus: 10298
Signature Description: WebCart is a web commerce product provided by Mountain Network Systems, Inc. Default
installations of Mountain Network Systems Inc. WebCart 1.0 are vulnerable to information disclosure due to
misconfiguration of access policies. The program writes customer order information in remotely accessible text
files.This information includes credit card details and other sensitive information. This signature detects access to
'/orders/carts/' file.