TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

Signature Description: Public folders are a part of the Microsoft Exchange information store that anyone can access.
The public folders are usually set up so that everyone has read access, but only one or two people have the authority to
add, remove, or change folder content. Microsoft Exchange Public Folders can be set to allow anonymous
connections (set by default). While an administrator may disable the "Find Users" feature, an attacker can use this
vulnerability to gain critical information about the users (such as full email addresses, phone numbers, etc.).
Signature ID: 526
Matt Wright FormMail Remote Command Execution Vulnerability
Threat Level: Information
Industry ID: CVE-2001-0357 CVE-1999-0172 Bugtraq: 2079,1187 Nessus: 10782
Signature Description: FormMail is a generic HTML form to e-mail gateway that parses the results of any form and
sends them to the specified users. This rule triggers when an attacker creates a web page that references a
FormMail script on a remote host and a user clicks the link. An attacker can gain access and execute arbitrary
commands on the victim's server and send anonymous email by modifying the recipient and message parameters. The
affected version of FormMail is 1.6 and earlier. The issue is fixed in FormMail version 1.6 or later. Update to this
version, which is available at the vendor's web site, to remove this issue.
Signature ID: 528
FormMail.cgi Information Disclosure Vulnerability
Threat Level: Information
Bugtraq: 1187
Signature Description: Matt Wright FormMail is a CGI utility script in Perl that provides form authors with a simple
mechanism to create and send both simple email items and more complex email. The affected versions of Matt
Wright FormMail are 1.6, 1.7, and 1.8. This rule triggers when a remote attacker sends a specially-crafted
HTTP request to the formmail.cgi script; an attacker can use this vulnerability to obtain sensitive information. This
issue is fixed in Matt Wright FormMail 1.9.
Signature ID: 551
Shopping Cart Arbitrary Command Execution vulnerability
Threat Level: Warning
Industry ID: CVE-2001-0992 Bugtraq: 3308 Nessus: 10764
Signature Description: Hassan Consulting's Shopping Cart is commercial web store software. The Shopping Cart
allows your website to track visitors as they pass from page to page, keeping track of items clicked on and information
sent by the user. When the user exits, totals can be calculated and orders/data can be sent. Shopping Cart (Hassan
Consulting Shopping Cart version 1.23) does not filter certain types of user-supplied input from web requests. A remote
attacker could send a specially-crafted URL request to the shop.pl script containing shell metacharacters in the page
parameter; an attacker can use this vulnerability to execute arbitrary commands on the server. No remedy available as
of September, 2008.
Signature ID: 552
Web Server robots.txt Information Disclosure Vulnerability
Threat Level: Information
Nessus: 10302
Signature Description: The robots.txt file is commonly placed in the root directory of a system's web server to control
the actions of web robots (programs that traverse many pages in the World Wide Web by recursively
retrieving linked pages). This rule triggers when an attacker requests the '/robots.txt' file; an attacker can
use this vulnerability to retrieve sensitive information and directories on the affected site.