Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
919293949596979899100
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
96
Signature ID: 649
TtCMS Header.PHP Remote File Include Vulnerability
Threat Level: Information
Industry ID: CVE-2003-0320 Bugtraq: 7625
Signature Description: TtCMS is a PHP-based content management system that fully supports MySQL. ttCMS(ttCMS
version 2.3 and prior) could allow a remote attacker to include malicious PHP files. A remote attacker could send a
specially-crafted URL request to the header.php script using the ?admin_root variable that specifies a malicious PHP
file on a remote system as a parameter, an attacker can use this vulnerability to execute arbitrary code on the vulnerable
system. No remedy available as of September, 2008.
Signature ID: 650
Turba status.php access vulnerability
Threat Level: Information
Bugtraq: 7622 Nessus: 11646
Signature Description: This event indicates that an attempt has been made to exploit potential weaknesses in php
applications. The Turba of Horde(Horde version 2.1) PHP application allows a user to request the status.php file which
may disclose valuable information about the host and the application. The attacker may be trying to gain information
on the php implementation on the host, this may be the prelude to an attack against that host using that information. No
remedy available as of September, 2008.
Signature ID: 651
BLNews objects.inc.php4 PHP file include Vulnerability
Threat Level: Information
Industry ID: CVE-2003-0394 Bugtraq: 7677 Nessus: 11647
Signature Description: BLNews is a web-based news application written in PHP. BLNews(BLNews version 2.1.3)
could allow a remote attacker to include malicious PHP files. A remote attacker could send a specially-crafted URL
request to the objects.inc.php4 script using the $server variable that specifies the tools.inc.php4 or cmd.php4 script
from a remote system as a parameter, an attacker can exploit this vulnerability to upload a malicious PHP files and
execute arbitrary PHP code with the privileges of the web server. No remedy available as of September, 2008.
Signature ID: 653
WEB-PHP TextPortal admin.php default password (12345)
Threat Level: Information
Bugtraq: 7673 Nessus: 11660
Signature Description: TextPortal is a text-based PHP portal system with forum, voting, user registration, etc.
TextPortal(TextPortal version 0.8 and prior) could allow a remote attacker to gain unauthorized access. TextPortal
encrypts passwords using crypt and stores them in the 'db_ures\admin_pass.php' file. Specifically, TextPortal uses
'12345' as the default password for the 'god2' user account. If the Administrator fails to change the default password of
the "god2" account, a remote attacker could send a specially-crafted URL to the admin.php script to gain unauthorized
access to TextPortal. No remedy available as of September, 2008. This rule triggers when the default password is
'12345'.
Signature ID: 654
TextPortal Undocumented Username / Password Weakness
Threat Level: Information
Bugtraq: 7673 Nessus: 11660
Signature Description: TextPortal is a text-based PHP portal system with forum, voting, user registration, etc.
TextPortal(TextPortal version 0.8 and prior) could allow a remote attacker to gain unauthorized access. TextPortal