ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
specially-crafted URL request for any non-default Lotus file types (like Crystal Server pages (".csp")) appended with a
"dot" character. This could allow the attacker to view source code and disclose sensitive information, such as database
credentials, embedded in server-side scripts or include files. No remedy available as of September, 2008.
Signature ID: 637
WEB-MISC iPlanet .perf access Vulnerability
Threat Level: Information
Nessus: 11220
Signature Description: iPlanet is Sun Microsystems' solution for a Web server and related programs intended to allow
an enterprise to take advantage of the Internet. It uses the file '.perf' to display performance statistics for the server. This
rule triggers when an attacker sends a request for the file '.perf'. Successful exploitation allows an attacker to
access the statistics for the server.
Signature ID: 638
Apache Tomcat Null Byte Directory/File Disclosure Vulnerability
Threat Level: Information
Industry ID: CVE-2003-0042 Bugtraq: 6721 Nessus: 11438
Signature Description: Apache Tomcat is the servlet container that is used in the official Reference implementation for
the Java Servlet and JavaServer Pages technologies. Apache Tomcat, versions before 3.3.1a, could allow a remote
attacker to obtain sensitive information. The issue is triggered when a remote attacker sends an HTTP request
containing null (%00) or backslash (\) characters; an attacker can use this to disclose sensitive information
and also execute malicious Java code on the web server. The issue is fixed in Tomcat 3.3.1a and later.
Upgrade to a fixed version, which is available at the vendor's web site, to remove the issue.
Signature ID: 639
WEB-MISC DB4Web access Vulnerability
Threat Level: Information
Nessus: 11180
Signature Description: DB4Web is an application server used to access various sources of data via a web interface.
DB4Web does not handle the characters ":" and "\" correctly when they are URL encoded. An attacker can use this flaw
to gain access to sensitive system information. The application also does not correctly handle the use of extra "/" in a
URI. It is also possible for the attacker to open arbitrary TCP connections using DB4Web and possibly use it for
port scanning other hosts.
Signature ID: 640
MondoSearch Source Disclosure Vulnerability
Threat Level: Information
Industry ID: CVE-2002-1528 Bugtraq: 5941 Nessus: 11163
Signature Description: MondoSearch is an advanced, multilingual enterprise search engine. It helps users quickly find
relevant data across the enterprise. MondoSearch fails to sufficiently validate user-supplied requests for .cgi files.
MondoSearch, version 4.4, could allow a remote attacker to obtain script source code. The issue is triggered when an
attacker sends a specially-crafted string to 'MsmMask.exe' using the 'mask' parameter; an attacker can use this
vulnerability to view the source code of arbitrary files. No remedy available as of July, 2008.
Signature ID: 642
WEB-MISC helpout.exe access Vulnerability
Threat Level: Information
Industry ID: CVE-2002-1169 Bugtraq: 6002
Signature Description: IBM Web Traffic Express (WTE) is a Web caching proxy server that is included as a