Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
51525354555657585960
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
52
Signature ID: 284
AlienForm CGI script vulnerability
Threat Level: Warning
Industry ID: CVE-2002-0934 Bugtraq: 4983 Nessus: 11027
Signature Description: The Common Gateway Interface (CGI) is a standard protocol for interfacing external
application software with an information server, commonly a web server. AlienForm2 is an interface to the email
gateway written in Perl and is maintained by Jon Hedley. The cgi is typically installed as 'af.cgi' or 'alienform.cgi'. In
Jon Hedley AlienForm2 1.5, directory traversal vulnerability allows remote attackers to read or modify or create
arbitrary files via '.|.%2F' character sequence in the _browser_out parameter or _out_file parameter. This signature
detects attacks on 'alienform.cgi' program.
Signature ID: 285
Agora CGI Cross Site Scripting Vulnerability
Threat Level: Warning
Industry ID: CVE-2001-1199 Bugtraq: 3702 Nessus: 10836
Signature Description: The Common Gateway Interface (CGI) is a standard protocol for interfacing external
application software with an information server, commonly a web server. Agora.cgi is a freely available, open source
shopping cart system. When debug mode is enabled in Agora.cgi Agora.cgi 3.2 to 4.0 g (inclusive), the script does not
filter HTML tags in the cart_id parameter. As a result, it is possible for an attacker to construct a malicious link with a
client side script code. When the link is clicked by a client, the script code will be executed by the browser in the
context of the web server. This may result in a variety of problems from sensitive information disclosure to session
hijacking. Please note that debug mode must be manually enabled by the web server administrator.
Signature ID: 286
AdMentor sql injection Vulnerability
Threat Level: Warning
Industry ID: CVE-2002-0308 Bugtraq: 4152 Nessus: 10880
Signature Description: AdMentor is a free collection of ASP scripts created by Stefan Holmberg. AdMentor provides
banner ad rotation functionality. SQL injection is a technique that exploits a security vulnerability occurring in the
database layer of an application due to improper filtering of user input. A SQL injection vulnerability has been reported
in admin.asp as provided with AdMentor 2.11 through 'userid' and 'pwd' arguments. This is because special characters
such as '(quote) are not filtered from user input. This allows remote attackers to bypass authentication and gain
privileges.
Signature ID: 294
Shells in /cgi-bin vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0509
Nessus: 10252
Signature Description: A shell interpreter is a software for interacting with the computer operating system using
commands to perform specific tasks. The Common Gateway Interface (CGI) is a standard protocol for interfacing
external application software with an information server, commonly a web server. All CGI based services are placed in
a particular folder on the http server. If a shell interpreter is placed in this folder, an attacker can execute any
commands with the privileges of the http server. This signature detects GET request access to Bourne shell, Almquist
shell, Bourne-Again shell, C shell, Korn shell, TENEX shell and Z shell in the CGI directory.