Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
81828384858687888990
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
90
ISAPI extension for receiving HTTP documents. The issue triggered when the HTTP Receiver has been enable, a
remote attacker could send a biztalkhttpreceive.dll via long string(more than 250 characters) to the HTTP Receiver, an
attacker can use this vulnerability to overflow a buffer and execute arbitrary code on the server or crash the IIS server.
The issue is fixed in the appropriate patch, Microsoft Security Bulletin MS03-016, which is available at vendor's web
site.
Signature ID: 613
"WEB-IIS Synchrologic Email Accelerator userid list access vulnerability
Threat Level: Information
Nessus: 11657
Signature Description: Microsoft IIS(Internet Information Server) is a group of Internet servers including Hypertext
Transfer Protocol service and a File Transfer Protocol service. It was developed <br>by Microsoft. This event indicates
that an attempt has been made to exploit a weakness in the Synchrologic's Email Accelerator application. Synchrologic
is a product which allows remote PDA users to synch with email, calendar, etc. This rule will triggers when an attacker
attempt to access aggregate.asp page. The successful exploitation of this issue will allow an attacker to gain
information on the list of users allow to use the service.
Signature ID: 614
WEB-IIS IISProtect access vulnerability
Threat Level: Information
Bugtraq: 7675,7661 Nessus: 11661
Signature Description: IISProtect is a third-party application that provides password authentication to directories on IIS
using a Web-based interface. An attacker can bypass authentication by requesting a specific file with an encoded URI,
and can then proceed to use SQL injection techniques to execute arbitrary code with administrative privileges.
iisProtect iisProtect 2.2,iisProtect iisProtect 2.1 are Vulnerable<br>
Signature ID: 615
WEB-IIS IISProtect globaladmin.asp access vulnerability
Threat Level: Information
Nessus: 11661
Signature Description: IISProtect will protect all web site files including images, databases, html, ASP and Protect
directories, users accounts, complete web administration. It provides Authentication, User Management, and
Membership Systems. This rule will triggered when an attacker send a specially-crafted URL request to the
globaladmin.asp page, an attacker can use this vulnerability to gain administrator access to the web server running
IISProtect without the need to authentication.
Signature ID: 616
WEB-IIS IISProtect siteadmin.asp access vulnerability
Threat Level: Information
Industry ID: CVE-2003-0377 Bugtraq: 7675 Nessus: 11662
Signature Description: IISProtect is a security product for Microsoft Windows that provides authentication based
access control to protect web resources. It is easy to use and requires no programming, Scripting or Web development
experience. iisPROTECT(iisPROTECT version 2.2-r4) is a SQL injection vulnerability, caused by improper filtering of
various variables. A remote attacker could send a specially-crafted URL request to the SiteAdmin.asp script containing
arbitrary SQL code in a 'GroupName' variable, an attacker could use this vulnerability to add, modify, or delete
information in the backend database. No remedy available as of July, 2008.