TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
67
Signature Description: PHP is a widely used general purpose scripting language that is especially suited for Web
development and can be embedded into html. PHP(4.1.0, 4.1.1, 4.0.6) and earlier versions are vulnerable to a heap
based buffer overflow. This vulnerability is due to insufficient sanitization of user supplied data. A successful
exploitation of this vulnerability allow an attacker to execute arbitrary commands on the vulnerable system. This
vulnerability is fixed in 4.1.2 version. Administrators are advised to update 4.1.2 version or later version to resolve this
issue.
Signature ID: 380
Php POST file uploads vulnerable
Threat Level: Warning
Industry ID: CVE-2002-0081
Bugtraq: 4183 Nessus: 10867
Signature Description: PHP is a widely used general purpose scripting language that is especially suited for Web
development and can be embedded into html. PHP 3.0.x and earlier versions are vulnerable to a heap based buffer
overflow. This vulnerability is due to insufficient sanitization of user supplied data. A successful exploitation of this
vulnerability allow an attacker to execute arbitrary commands on the vulnerable system. This vulnerability is fixed in
4.1.2 version. Administrators are advised to update 4.1.2 version or later version to resolve this issue.
Signature ID: 381
Access to Vulnerable Cart32 CGI vulnerable
Threat Level: Severe
Industry ID: CVE-2000-0429 Bugtraq: 1153 Nessus: 10389
Signature Description: Cart32 is shopping cart software built for Microsoft Servers using Visual Basic, a MySQL
database, and html components. Cart32 provides shopping cart, checkout, and storefront hosting facilities to tens of
thousands of online retail clients internationally. Cart32 3.0 is vulnerable to a reconnaissance. A successful exploitation
of this vulnerability will allow an attacker to obtain username, password, credit card numbers, and other crucial details.
No remedy is available.
Signature ID: 383
Access to Vulnerable Dansie Shopping Cart CGI
Threat Level: Warning
Industry ID: CVE-2000-0252 CVE-2000-0254 Bugtraq: 1115 Nessus: 10368
Signature Description: The Dansie Shopping Cart, is an e-commerce solution. Dansie Shopping Cart 3.04 is
vulnerable. The vulnerable Dansie Shopping Cart allows remote users to modify shopping cart contents by requesting a
certain url with altered variables. This signature specifically detects "cart.pl" pattern in the traffic sent to the http server.
Signature ID: 385
IIS Sample File cmd.exe vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0540 Bugtraq: 1386 Nessus: 11003,10444,10996
Signature Description: Microsoft IIS(Internet Information Server) is a group of Internet servers including Hypertext
Transfer Protocol service and a File Transfer Protocol service. It was developed by Microsoft. This signature detects an
attempt made to exploit potential weaknesses in a host running Microsoft IIS. A successful exploitation of this
vulnerability allows an attacker to access sensitive information on the vulnerable system. This signature specifically
detects "cmd.exe" pattern in the traffic sent to the http server.
Signature ID: 386
IIS Sample File root.exe vulnerability
Threat Level: Warning
Industry ID: CVE-2000-0540
Bugtraq: 1386 Nessus: 11003,10444,10996