Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
41424344454647484950
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
45
specified in the call to YaBB.pl in the variable num. Before retrieving the file, YaBB will append a .txt extension to the
value given to num field. Due to input validation problem in YaBB Bulletin Board 9.1.2000, remote attackers can read
arbitrary files via a '..' (dot dot) character sequence as value of num variable. The '.txt' extension can be avoided by
appending %00 to <file>.
Signature ID: 244
SilverStream directory listing vulnerability
Threat Level: Warning
Nessus: 10846
Signature Description: The SilverStream Application Server is a comprehensive, J2EE certified platform for building
and deploying enterprise-class Web applications. This product is currently maintained by Novell. If the disable
directory listing option is disabled, any web user is allowed to see the directory contents. This can give an attacker
valuable information which can be used in subsequent attacks.
Signature ID: 246
ServletExec 4.1 ISAPI Physical Path Disclosure vulnerability
Threat Level: Warning
Industry ID: CVE-2002-0892 Bugtraq: 4793 Nessus: 10960
Signature Description: ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on
Microsoft Windows NT/2000/XP systems. The default configuration of NewAtlanta ServletExec ISAPI 4.1 discloses
the absolute path to the webroot directory when a specially crafted request without a trailing filename is received.The
specially crafted request is made to 'servlet/com.newatlanta.servletexec.JSP10Servlet/'.
Signature ID: 248
Ping.asp based denial of service attack
Threat Level: Warning
Nessus: 10968
Signature Description: Active Server Pages (ASP) is Microsoft's server-side script engine for dynamically-generated
web pages. Some versions of the 'ping.asp' program allows a malicious user to launch a ping flood against local
machine or another connected system. This will result in a Denial of Service (DoS) condition.
Signature ID: 249
JServ Cross Site Scripting Vulnerability
Threat Level: Warning
Nessus: 10957
Signature Description: Apache JServ consists of two functional components called mod_jserv and a servlet engine.
mod_jserv is an Apache Server module and directs incoming requests for Java Servlets to a servlet engine. The Apache
JServ Protocol (AJP) facilitates communication between the two components. Older versions of JServ (including the
version shipped with Oracle9i App Server v1.0.2) are vulnerable to a cross site scripting attack using a request for a
non-existent .JSP file.
Signature ID: 250
Apache Windows PHP Arbitrary File access and binary execution Vulnerability
Threat Level: Warning
Industry ID: CVE-2002-2029
Bugtraq: 3786 Nessus: 10839
Signature Description: PHP is a computer scripting language. A configuration vulnerability exists for PHP.EXE cgi as
shipped with Apache software Foundation Apache 1.3.11 to 1.3.20 for Windows 95/98/NT/2000 platforms. Setting
ScriptAlias for '/php/' to 'c:/php/' creates a security vulnerability. This allows arbitrary files to be read from the host.
The remote user can also run all executables in the PHP directory.