Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
51525354555657585960
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
53
Signature ID: 295
Finger web gateway access vulnerability
Threat Level: Warning
Signature Description: The Common Gateway Interface (CGI) is a standard protocol for interfacing external
application software with an information server, commonly a web server. The Finger command shows user
information. Some web sites implement a web gateway to the "finger" service, allowing remote web clients to execute
finger queries against arbitrary hosts. In environments where the "finger" service has been determined to be a security
risk (due to the sensitivity of the information it provides), a web finger gateway can be used to execute finger queries
against the server, allowing an attacker to obtain information about its users. An attacker can use this information to
make more focused attacks. This signature detects reconnaissance attempts on other hosts using such finger gateway.
Signature ID: 296
AnyForm CGI check vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0066 Bugtraq: 719
Signature Description: The Common Gateway Interface (CGI) is a standard protocol for interfacing external
application software with an information server, commonly a web server. AnyForm is a CGI program written by John
S. Roberts that allows webmasters to create arbitrary form submission pages without writing a dedicated CGI program
for each form. AnyForm runs the Bourne shell to execute Sendmail, which it uses to send form results to the web
administrator. In AnyForm 1.0 amd 2.0, due to improper quoting of form field parameters, an attacker can place shell
meta characters in the form fields. This allows execution of arbitrary commands by the attacker using AnyForm with
the privileges web server.
Signature ID: 298
PHP mlog Example Script arbitrary file access vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0346 Bugtraq: 713
Signature Description: Personal Home Page/Form Interpreter (PHP/FI) is computer scripting language designed for
producing dynamic web pages. In PHP PHP/FI 1.0 to 2.0 b10(inclusive), "mlog.html" sample script does not sanitizing
input passed to the "screen" variable and hence allows an attacker to read arbitrary files on the web server. An attacker
can use this information to make more focused attacks.
Signature ID: 299
PHP mylog Example Script arbitrary file access vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0068 Bugtraq: 713
Signature Description: Personal Home Page/Form Interpreter (PHP/FI) is computer scripting language designed for
producing dynamic web pages. In PHP PHP/FI 1.0 to 2.0 b10(inclusive), "mylog.html" sample script does not
sanitizing input passed to the "screen" variable and hence allows an attacker to read arbitrary files on the web server.
An attacker can use this information to make more focused attacks.
Signature ID: 300
IRIX MachineInfo Script vulnerability
Threat Level: Warning
Industry ID: CVE-1999-1067
Signature Description: IRIX is a computer operating system developed by Silicon Graphics, Inc. to run natively on
their 32 and 64-bit MIPS architecture workstations and servers. A vulnerability exists in the 'InfoSearch' package as
included by Silicon Graphics in their IRIX operating system versions 5.3 and 6.4. An attacker can obtain sensitive