TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
Signature ID: 238
Whois_raw.cgi arbitrary command execution vulnerability
Threat Level: Warning
Industry ID: CVE-1999-1063 Bugtraq: 304 Nessus: 10306
Signature Description: The Common Gateway Interface (CGI) is a standard protocol for interfacing external
application software with an information server, commonly a web server. WHOIS is a query/response protocol which is
widely used for querying an official database in order to determine the owner of a domain name, an IP address, or an
autonomous system number on the Internet. CdomainFree is a simple CGI Perl script which can be used to gather the
complete whois information for a domain name as well as the availability of a domain name in popular domain
extensions like .com, .net, .org and .edu. A vulnerability in a CGI script called 'whois_raw.cgi' included with
CdomainFree 1.0 to 2.4 (inclusive) allows remote malicious users to run any executable already existing on the machine
via shell metacharacters in the fqdn parameter.
Signature ID: 239
Windmail.exe CGI access detected vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0242 Bugtraq: 1073 Nessus: 10365
Signature Description: GeoCel WindMail is a command-line mailer that can be integrated with Perl CGI applications to
create form-mail capability for a website. WindMail 3.0 and prior versions can be used to retrieve files via email and
execute arbitrary commands with the privileges of the webserver. The exact impact of the attack is based on access
restrictions and the mode of WindMail being used.
Signature ID: 241
Wwwboard passwd.txt access vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0953 Bugtraq: 649,12453 Nessus: 10321
Signature Description: The WWWBoard package is a popular web based discussion board by Matt Wright. The
administration area of the WWWBoard package requires a username and password for authentication. WWWBoard
Alpha 2.0 and 2.1 store encrypted passwords in a password file called 'passwd.txt' that is created in the web root
directory. As a result, an attacker may obtain the contents of this file and decode the password to modify the remote
www board.
Signature ID: 242
Wwwwais CGI Access vulnerability
Threat Level: Severe
Industry ID: CVE-2001-0223 Bugtraq: 2292 Nessus: 10597
Signature Description: WWWWAIS is a small ANSI C program that acts as gateway between programs that create
indexed catalogs of files and a forms-capable World-Wide Web browser. In wwwwais.c 2.5 c, a remote user supplying
excess input (> 1024 characters) to a GET request can cause a heap overflow. This slows down the affected webserver,
causing a denial of service. The remote attacker can execute arbitrary commands with the privilege level of the
webserver user if the attack packet is properly structured.
Signature ID: 243
YaBB CGI arbitrary file access vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0853 Bugtraq: 1668 Nessus: 10512
Signature Description: A message board system is a program that allows people to leave public messages on a website.
YaBB.pl, a web-based bulletin board script, stores board postings in numbered text files. The numbered file name is