TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
846
PHP/MySQL/Smarty. e-Ark supports both Linux/Windows. e-Ark e-Ark 1.0 is vulnerable,src/ark_inc.php in e-Ark 1.0
allows remote attackers to execute arbitrary PHP code via a URL in the cfg_pear_path parameter.
Signature ID: 34820
HTTP e-Ark cfg_vcard_path File Inclusion Vulnerability
Threat Level: Warning
Industry ID: CVE-2006-6086
Bugtraq: 21224
Signature Description: E-Ark aims at providing a diocese and its churchs with the online tools to efficiently manage
the data for its parishioners and provide best service and care for them. e-Ark will be developed using
PHP/MySQL/Smarty. e-Ark supports both Linux/Windows. e-Ark e-Ark 1.0 is vulnerable,src/vcard_inc.php in e-Ark
1.0 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_vcard_path parameter.
Signature ID: 34822
PHP Easy Download Multiple Parameter Remote Code Execution Vulnerability
Threat Level: Warning
Signature Description: An easy to use download script. Simply drop the script into the directory where the download
files reside and the script does the rest of the work. It will thumbnail JPG images if the GD library is available. It
features sorting by popularity, alphabetically or file size; searching by keyword; download list pagination; PHP Easy
Download version 1.5 and prior are vulnerable, which could be exploited by attackers to compromise a vulnerable web
server. These flaws are due to input validation errors in the "file_info/admin/save.php" script that does not validate the
"description", "moreinfo", "accesses", "date", and "filename" parameters before being written to PHP files, which could
be exploited by malicious users to inject and execute arbitrary PHP code with the privileges of the web server. Exploit
attempts of this vulnerability detected using a combination of two signatures, this is second signature and generate log
message.
Signature ID: 34823
PHP Easy Download Multiple Parameter Remote Code Execution Vulnerability
Threat Level: Warning
Signature Description: An easy to use download script. Simply drop the script into the directory where the download
files reside and the script does the rest of the work. It will thumbnail JPG images if the GD library is available. It
features sorting by popularity, alphabetically or file size; searching by keyword; download list pagination; PHP Easy
Download version 1.5 and prior are vulnerable, which could be exploited by attackers to compromise a vulnerable web
server. These flaws are due to input validation errors in the "file_info/admin/save.php" script that does not validate the
"description", "moreinfo", "accesses", "date", and "filename" parameters before being written to PHP files, which could
be exploited by malicious users to inject and execute arbitrary PHP code with the privileges of the web server.
Signature ID: 34824
Cisco Phone 7940 remote DOS
Threat Level: Severe
Industry ID: CVE-2007-5583 Bugtraq: 26711
Signature Description: SIP is an application layer protocol that can establish, modify and terminate multimedia
sessions such as Internet telephone calls. INVITE message is used to initiate and maintain a communication session.
An attacker generates the SIP INVITE transactions to victim, the Request-URI of the message should have a user
name, but attacker will send without user name, then the device will be crashed. In order to drive the device to a DoS
state only 6 transactions are required. No remedy available as of December 2007.