TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
972
Signature ID: 35570
E-vision cms addcontact.php module parameter Local File Inclusion vulnerability
Threat Level: Severe
Bugtraq: 32180
Signature Description: E-Vision CMS is a PHP-based content manager. e-Vision CMS is Web Content Management
System written in PHP, with MySQL database backend. It runs on Linux and Windows (with Apache). The e-Vision
CMS powered website can be designed and used with no technical background. The application is prone to multiple
local file-include vulnerabilities because it fails to properly sanitize user-supplied input to the 'module' parameter of the
/modules/contact/adminpart/addcontact.php? script. An attacker can exploit these vulnerabilities using directory-
traversal strings to view local files and execute local scripts within the context of the webserver process. A successful
attack can allow the attacker to obtain sensitive information or gain unauthorized access to an affected computer in the
context of the vulnerable server. e-Vision CMS 2.0.2 is vulnerable, other versions may also be affected.
Signature ID: 35571
E-vision cms addbrandnews.php module parameter Local File Inclusion vulnerability
Threat Level: Severe
Bugtraq: 32180
Signature Description: E-Vision CMS is a PHP-based content manager. e-Vision CMS is Web Content Management
System written in PHP, with MySQL database backend. It runs on Linux and Windows (with Apache). The e-Vision
CMS powered website can be designed and used with no technical background. The application is prone to multiple
local file-include vulnerabilities because it fails to properly sanitize user-supplied input to the 'module' parameter of the
/modules/brandnews/adminpart/addbrandnews.php? script. An attacker can exploit these vulnerabilities using
directory-traversal strings to view local files and execute local scripts within the context of the webserver process. A
successful attack can allow the attacker to obtain sensitive information or gain unauthorized access to an affected
computer in the context of the vulnerable server. e-Vision CMS 2.0.2 is vulnerable, other versions may also be
affected.
Signature ID: 35572
Gateway CWebLaunchCtl ActiveX Control Command Execution and Remote Buffer Overflow
Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-0221
Bugtraq: 27193
Signature Description: The Gateway Computers CWebLaunchCtlActiveX control, which is provided by
weblaunch.ocx and weblaunch2.ocx, contains a buffer overflow in the DoWebLaunch() method. Directory traversal
vulnerability in the WebLaunch.WeblaunchCtl.1 ActiveX control includes the insecure "DoWebLaunch()" method,
which can be exploited to execute arbitrary commands on the vulnerable system.By persuading a victim to visit a
malicious Web page that passes an overly long string to the DoWebLaunch() method which allows remote attackers to
execute arbitrary programs via a ..\ (dot dot backslash) in the second argument to the DoWebLaunch method. The
vulnerable versions are weblaunch.ocx 1.0.0.1 and weblaunch2.ocx, which provide the ActiveX control, other versions
may also be affected. Failed exploit attempts will likely result in denial-of-service conditions. No remedy available as
of Nov 2008, user can set killbit to the clsid 97BB6657-DC7F-4489-9067-51FAB9D8857E to resolve this issue.
Signature ID: 35573
Gateway CWebLaunchCtl ActiveX Control Command Execution and Remote Buffer Overflow
Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-0221
Bugtraq: 27193
Signature Description: The Gateway Computers CWebLaunchCtlActiveX control, which is provided by
weblaunch.ocx and weblaunch2.ocx, contains a buffer overflow in the DoWebLaunch() method. Directory traversal