TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
5
Signature ID: 13
Httpd input2.bat arbitrary command execution Vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0947
Bugtraq: 762 Nessus: 10016
Signature Description: A computer program that is responsible for accepting HTTP requests from web clients and
serving them HTTP responses along with optional data contents, which usually are web pages such as HTML
documents and linked objects (images, etc.) is known as a web server. AN-HTTPd server is one such server. If one of
these CGIs is installed on the AN-HTTPd 1.2 b server: cgi-bin/test.bat cgi-bin/input.bat cgi-bin/input2.bat
ssi/envout.bat, it is possible to misuse them to make the remote server execute arbitrary commands. This signature
detects attacks using input2 and test batch files.
Signature ID: 14
Httpd envout.bat cgi vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0947 Bugtraq: 762 Nessus: 10016
Signature Description: A computer program that is responsible for accepting HTTP requests from web clients and
serving them HTTP responses along with optional data contents, which usually are web pages such as HTML
documents and linked objects (images, etc.) is known as a web server. AN-HTTPd server is one such server. If one of
these CGIs is installed on the AN-HTTPd 1.2 b server: cgi-bin/test.bat cgi-bin/input.bat cgi-bin/input2.bat
ssi/envout.bat, it is possible to misuse them to make the remote server execute arbitrary commands. This signature
detects attacks that use envout.bat.
Signature ID: 15
Anacondaclip cgi directory traversal vulnerability
Threat Level: Severe
Industry ID: CVE-2001-0593 Bugtraq: 2512 Nessus: 10644
Signature Description: Anaconda! Partners is a Massachusetts based company formed in 1999 to bring engaging
content easily and quickly to websites around the world. Clipper is a headline-gathering tool from Anaconda! Partners
that allows Web site operators to integrate headlines from a variety of news sources into their web site. Ananconda
Partners Clipper 3.3 and earlier could allow a remote attacker to traverse directories on the web server. A remote
attacker can send a URL request containing "dot dot" sequences (/../) to traverse directories and view arbitrary files on
the web server.
Signature ID: 16
Apache DIR listing cgi vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0731
Bugtraq: 3009 Nessus: 10704
Signature Description: The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP
server for modern operating systems including UNIX and Windows. Apache HTTP Server has been the most popular
HTTP server on the World Wide Web. By making requests ending with '?M=A' or '?S=D' to the Apache web server
1.3.20, with Multiviews enabled, it is sometimes possible to obtain a directory listing even if an index.html file is
present.
Signature ID: 17
Apache ASP 1.95 source.asp cgi vulnerability
Threat Level: Severe
Industry ID: CVE-2000-0628
Bugtraq: 1457 Nessus: 10480
Signature Description: The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP
server for modern operating systems including UNIX and Windows. Apache HTTP Server is the most popular HTTP