Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
919293949596979899100
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
97
encrypts passwords using crypt and stores them in the 'db_ures\admin_pass.php' file. Specifically, TextPortal uses
'12345' as the default password for the 'god2' user account. If the Administrator fails to change the default password of
the "god2" account, a remote attacker could send a specially-crafted URL to the admin.php script to gain unauthorized
access to TextPortal. No remedy available as of September, 2008.
Signature ID: 656
Cafelog gm-2-b2.php remote command execution vulnerability
Threat Level: Information
Bugtraq: 7738 Nessus: 11667
Signature Description: CafeLog b2 WebLog tool allows users to generate new pages and weblogs dynamically. b2(b2
version 0.6.1) could allow a remote attacker to include malicious PHP files. A remote attacker could send a specially-
crafted URL request to the gm-2-b2.php script in the b2-tools directory that uses the $b2inc variable to specify a
malicious PHP file on a remote system, an attacker may exploit this vulnerability to execute arbitrary code on the
vulnerable system. No remedy available as of September, 2008.
Signature ID: 658
Webfroot Shoutbox URI Parameter File Disclosure Vulnerability
Threat Level: Information
Bugtraq: 7737 Nessus: 11668
Signature Description: Webfroot Shoutbox is a web application designed to allow web site visitors a chance to leave
messages quickly and easily. Shoutbox(Webfroot Shoutbox version 2.32 and prior) is prone to directory traversal
attacks. A remote attacker could send a specially-crafted URL request to the shoutbox.php script containing "dot dot"
sequences(../) as the value for the $conf variable to traverse directories. An attacker can exploit this vulnerability to
obtain any files on the Web server. No remedy available as of September, 2008.
Signature ID: 659
WEB-PHP p-news.php access vulnerability
Threat Level: Information
Industry ID: CVE-2006-5434 Bugtraq: 20569 Nessus: 11669
Signature Description: P-News(P-News version 1.16 and prior) is prone to a remote file-include vulnerability. A
remote attacker could send a specially-crafted URL request to the p-news.php script using the pn_lang parameter to
specify a malicious file from a remote system. An attacker can use this vulnerability to execute arbitrary server-side
script code on an affected computer with the privileges of the web server process. No remedy available as of
September, 2008.
Signature ID: 661
Mambo upload.php access vulnerability
Threat Level: Information
Bugtraq: 6572 Nessus: 16315
Signature Description: Mambo is a Content Management System(CMS). It is the engine behind your website that
simplifies the creation, management, and sharing of content. Mambo Site server(Mambo Site Server version 4.0.12b
and prior) could allow a remote attacker to upload malicious PHP files. A remote attacker could send a specially-
crafted URL request containing a malicious PHP file to the upload.php script. Specially, the script only checks to see
whether certain image extensions, such as '.jpg' and '.gif', exist in the file name. As such any file that include the
allowed extensions may be uploaded. Any uploaded files will be stored in the 'images/stories' directory on the system.
An attacker can exploit this vulnerability to upload malicious applications to the vulnerable system. No remedy
available as of July, 2008.