Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 Administration Manual page 946

Network and Security Manager Administration Guide
HTTP:INFO-LEAK:WEB-INF-DOT
HTTP:INFO-LEAK:WR850-CONF-DL
HTTP:INVALID:INVLD-AUTH-CHAR
HTTP:INVALID:INVLD-AUTH-LEN
HTTP:INVALID:MISSING-REQ
HTTP:IRIX:CGI-BIN-WRAP
HTTP:MISC:EMULIVE-ADMIN
HTTP:MISC:HP-PROCURVE-RESET
HTTP:MISC:MOBY-LENGTH-DOS
HTTP:MISC:MOODLOGIC-CLIENT
HTTP:MISC:NG-WG602-BACKDOOR
896
This signature detects attempts to exploit a vulnerability in
Windows Web servers with J2EE. Attackers may append a
'.' character to a request for the WEB-INF directory (where
J2EE class files are typically stored) to bypass directory
security and gain access to normally protected files.
This signature detects attempts to download the
configuration file from a Motorola WR850G Wireless Router.
This protocol anomaly is an HTTP header with an
authorization string that contains an invalid character. The
authorization line is decoded using base64.
This protocol anomaly is an HTTP header with an
authorization string that has an invalid length (a length that
is not a multiple of 4). Because the authorization line is
encoded/decoded using base64, the length must be a
multiple of 4.
This protocol anomaly is an HTTP header that has no request
line or request uniform resource identifier (URI).
This signature detects attempts to exploit the wrap CGI
script in SGI IRIX. Attackers may list the contents of Web
server directories.
This signature detects an attempt to gain unauthorized
administrative access to an EmuLive Server4 daemon.
This signature detects denial-of-service (DoS) attempts
against the HP Procurve 4000M switch. Configuration
changes for the switch are made via an HTTP-based
interface; however, the script that resets the switch after a
configuration change does not properly authenticate the IP
address that calls the script. Attackers may call the script
repeatedly to perform a DoS.
This signature detects denial-of-service (DoS) attacks
against the Moby NetSuite. Attackers may send a maliciously
crafted HTTP POST request that contains an invalid
Content-Length field to the host to crash the Web server.
This signature detects use of the Mood Logic client. Mood
Logic is an MP3 catalogue system that helps users identify
and classify MP3s. If your organization prohibits the use of
MP3s, use this signature to detect Mood Logic clients.
This signature detects attempts to administer a Netgear
WG602 using an undocumented administrator
username/password that cannot be changed or disabled.
Attackers can modify any setting on the WG602 to perform
a denial-of-service (DoS) on the Netgear device or
circumvent other access control protocols.
medium sos5.0.0,
sos5.1.0
medium sos5.0.0,
sos5.1.0
high sos5.1.0
high sos5.1.0
medium sos5.1.0
medium sos5.0.0,
sos5.1.0
medium sos5.1.0
medium sos5.0.0,
sos5.1.0
medium sos5.1.0
info sos5.1.0
high sos5.1.0
Copyright © 2010, Juniper Networks, Inc.