TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

information about the computer including the type and speed of the processor, memory details, and other details of
installed hardware. An attacker can use this information to make more focused attacks.
Signature ID: 301
WinGate Logfile Server Vulnerability
Threat Level: Information
Signature Description: WinGate Proxy Server provides a Log File Server on port 8010 to remotely view logfiles. In
certain cases this server may be enabled by default. If this service accepts connections from remote hosts, the entire file
system may be accessible, allowing remote users to access, read or download any file on the vulnerable system.
Signature ID: 304
Convert.bas arbitrary file access vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0175 Bugtraq: 2025
Signature Description: NetWare is a network operating system developed by Novell, Inc. NetWare comes with a set of
services for the TCP/IP stack, one of which is a web server. The Common Gateway Interface (CGI) is a standard protocol
for interfacing external application software with an information server, commonly a web server. In Novell NetWare
Web Server 2.0, a CGI written in BASIC called "convert.bas" allows retrieval of files outside of the normal web server
context. This can be accomplished by submitting the file name and path as a parameter to the script, using the (../../)
character sequence to traverse directories. Access may or may not be limited to the SYS: volume.
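The check described for Signature 304, applied to web server access logs, as an added example that is not part of the original guide or of the TMS zl signature set. The log format, the /cgi/ directory, the client addresses and the file names are constructed for illustration, and case-insensitive matching of the script name is an assumption.

```python
import re
from urllib.parse import unquote

# Constructed access-log lines; hosts, directory and file names are made up.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2000:10:00:00 +0000] "GET /cgi/convert.bas?docs/readme.txt HTTP/1.0" 200 512',
    '198.51.100.7 - - [01/Jan/2000:10:00:05 +0000] "GET /cgi/convert.bas?../../system/example.cfg HTTP/1.0" 200 90',
    '198.51.100.7 - - [01/Jan/2000:10:00:09 +0000] "GET /cgi/CONVERT.BAS?%2e%2e%2f%2e%2e%2fexample.cfg HTTP/1.0" 200 90',
    '203.0.113.5 - - [01/Jan/2000:10:01:00 +0000] "GET /cgi/convert.bas?%252e%252e%5cexample.cfg HTTP/1.0" 200 90',
    '203.0.113.5 - - [01/Jan/2000:10:01:02 +0000] "GET /cgi/other.bas?../example.cfg HTTP/1.0" 404 0',
    '192.0.2.10 - - [01/Jan/2000:10:02:00 +0000] "GET /cgi/convert.bas?notes..txt HTTP/1.0" 200 64',
]

REQUEST = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) [^"]*"')
SCRIPT = "convert.bas"  # script named in Signature 304

def normalize(value, rounds=3):
    """Percent-decode repeatedly (catches double encoding) and unify separators."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def is_traversal(target):
    """True if the request targets convert.bas and its parameter climbs directories."""
    path, _, query = target.partition("?")
    if normalize(path).rsplit("/", 1)[-1].lower() != SCRIPT:
        return False
    # A ".." counts only as a whole path segment, so "notes..txt" is not flagged.
    return ".." in re.split(r"[/=&]", normalize(query))

def scan(lines):
    """Return (client, target) for each log line matching the signature."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if m and is_traversal(m.group(2)):
            hits.append((m.group(1), m.group(2)))
    return hits
```

Calling scan(SAMPLE_LOG) returns the three convert.bas requests whose decoded parameter contains a ".." segment; the benign request, the unrelated script and the "notes..txt" file name are not reported.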
Signature ID: 305
ColdFusion Evaluator sample program vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0455 Bugtraq: 115
Signature Description: ColdFusion is an application server and software development framework used for the
development of computer software in general, and dynamic web sites in particular. In ColdFusion Server 2.0 to 4.0,
'Expression Evaluator' is a sample script included to demonstrate the expression evaluation features of ColdFusion. A
vulnerability exists in this script that could allow remote attackers to create, view or delete arbitrary files on the server.
Even though this program cannot be accessed except from localhost, an attacker can directly request parts of the
program from a remote system. 'openfile.cfm' and 'openedfile.cfm' allow upload of files to the server. 'exprcalc.cfm'
processes the uploaded file, displays it and then deletes it. An attacker can bypass this issue by using exprcalc.cfm to
delete itself.
Signature ID: 306
ColdFusion web administration Denial of Service Vulnerability
Threat Level: Warning
Signature Description: ColdFusion is an application server and software development framework used for the
development of computer software in general, and dynamic web sites in particular. In ColdFusion 4.0 and 4.0.1,
ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the
Start/Stop utility.
Signature ID: 307
HAMCards Postcard arbitrary code execution vulnerability
Threat Level: Warning
Industry ID: CVE-1999-1153
Signature Description: The Common Gateway Interface (CGI) is a standard protocol for interfacing external
application software with an information server, commonly a web server. HAMCards Postcard script is a Perl mail CGI
program. HAMCards Postcard script v1.0 Beta 2 allows remote attackers to execute arbitrary commands via shell meta