Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
51525354555657585960
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
56
Signature Description: The "codebrws.asp" sample shipped with IIS 4.0 and SiteServer 3.x can be remotely exploited
to read arbitrary files on vulnerable servers. This file is one of several sample files distributed with these servers that
allows remote file viewing.
Signature ID: 317
Sambar Server Default Account vulnerability
Threat Level: Warning
Bugtraq: 2255
Signature Description: Sambar Server is a multi-threaded HTTP, FTP, and Proxy server for Windows NT. By default
the server ships with the default account "admin" with no password, which could allow a remote attacker to gain
complete control of your server if it is not changed. The server also ships with two other, though non-privileged
accounts "anonymous" and "guest" which should be disabled.
Signature ID: 318
NT Site Server sample Ad Server information disclosure Vulnerability
Threat Level: Warning
Industry ID: CVE-1999-1520 Bugtraq: 256
Signature Description: Microsoft Site Server is a software solution from Microsoft for Internet-based commerce (or e-
commerce). A vulnerability exists in Microsoft Site Server 3.0 alpha. The 'Ad Server' Sample directory has the
'SITE.CSC' file which contains sensitive configuration information about the SQL database. Due to misconfiguration in
default access control specifications, the Microsoft Site Server allows retrieval of this file. Information gained from this
may lead to compromise of highly sensitive information on the web server.
Signature ID: 325
O'Reilly WebSite win-c-sample.exe buffer overflow vulnerability
Threat Level: Warning
Industry ID: CVE-1999-0178 Bugtraq: 2078 Nessus: 10008
Signature Description: O'Reilly WebSite Professional is a Windows based Web Server package. One of the sample
programs in O'Reilly Software WebSite Professional 1.0 to 2.0 (inclusive) is vulnerable to a buffer overflow that allows
execution of arbitrary commands on the host machine with the privileges of the web server. The vulnerability exists in
'win-c-sample.exe' CGI program available in '/cgi-shl/' directory.
Signature ID: 328
Nph-publish arbitrary file overwrite vulnerability
Threat Level: Warning
Industry ID: CVE-1999-1177
Signature Description: The Common Gateway Interface (CGI) is a standard protocol for interfacing external
application software with an information server, commonly a web server. 'nph-publish' is a perl CGI script that allows
Apache to "publish" files created with HTML editors like Netscape Navigator Gold. Directory traversal vulnerability in
nph-publish before 1.2 allows remote attackers to overwrite arbitrary files via a '..' (dot dot) character sequence in the
path name for an upload operation. A malicious attacker can gain complete control of the server using this
vulnerability.
Signature ID: 329
Textcounter.pl cgi arbitrary command execution vulnerability
Threat Level: Warning
Industry ID: CVE-1999-1479 Bugtraq: 2265
Signature Description: Textcounter.pl is a script by Matt Wright that provides features like counters, guest books, and
http cookie management to the website. Due to insufficient validation of user input in Matt Wright TextCounter 1.2, it