Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
919293949596979899100
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
95
component in the WebSphere Edge Server. WebSphere refers to a brand of IBM software products. It is designed to set
up, operate, and integrate e-business applications across multiple computing platforms using java-based Web
technologies. IBM Web Traffic Express(IBM WebSphere Caching Proxy Server versions 3.6 and 4.0) is a denial of
service vulnerability. A remote attacker could send a malformed HTTP request to the /cgi-bin/helpout.exe script, the
attacker would cause the proxy server(ibmproxy.exe) to crash. Upgrade the latest version(4.0.1.26 or later), available at
vendor's website.
Signature ID: 643
WebLogic Server and Express HTTP TRACE Credential Theft Vulnerability
Threat Level: Information
Industry ID: CVE-2004-2320
Bugtraq: 9506,9561,11604 Nessus: 11213
Signature Description: The TRACE method is used when debugging a webserver to ensure that server returns
information to the client correctly. When used with other vulnerabilities it is possible to use the TRACE method to
return sensitive information from a webserver such as authentication data and cookies. This is known as a Cross Site
Tracing (XST) attack. The Affected versions are BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and
earlier, 6.1 through SP6, and 5.1 through SP13.
Signature ID: 644
TtForum remote command execution Vulnerability
Threat Level: Information
Industry ID: CVE-2003-1459 CVE-2003-0331 Bugtraq: 7542,7543 Nessus: 11615
Signature Description: TtForum is web based forum implemented in PHP. ttForum/ttCMS(ttCMS 2.2) could allow a
remote attacker to include malicious PHP files. A remote attacker could send a specially-crafted URL request to the
index.php script using the $template variable that specified a malicious PHP file on a remote system as a parameter, an
attacker can use this vulnerability to execute arbitrary code on the vulnerable system. No remedy available as of
September, 2008.
Signature ID: 645
PHP-Proxima autohtml.php access Vulnerability
Threat Level: Information
Industry ID: CVE-2003-0294 Bugtraq: 7598 Nessus: 11630
Signature Description: PHP-Proxima is a website portal system. It is implemented in PHP. PHP-Proxima(PHP-
Proxima version 6.0) could allow a remote attacker view known files on the system. By sending a specially-crafted
URL request to the autohtml.php that specifies a known file on the system for the '$name' variable, which would allow
the attacker to access the contents of the targeted file to obtain sensitive information. No remedy available as of
September, 2008.
Signature ID: 647
OmniHTTPd test.php sample cross-site scripting Vulnerability
Threat Level: Information
Industry ID: CVE-2002-1455 Bugtraq: 5568 Nessus: 11617
Signature Description: OmniHTTPD is a powerful all-purpose industry compliant web server built specially for the
Windows. OmniHTTPD(OmniHTTPd version below 2.4) is a cross-site scripting vulnerability. A remote attacker
could create a specially-crafted URL request containing test.php script embedded using hexadecimal URL encoded
characters to one of the sample page, once the link is clicked. An attacker can use this vulnerability to steal cookies or
perform other web-based attacks. No remedy available as of September, 2008.