sos5.0.0,
sos5.1.0
medium
This signature detects denial-of-service (DoS) attempts
against Microsoft IIS 5.0 servers with WebDAV extensions
enabled. Attackers may send a maliciously crafted WebDAV
SEARCH request in an HTTP request to DoS the Web server.
HTTP:IIS:WEBDAV:MALFORMED-REQ1
sos5.0.0,
sos5.1.0
medium
This signature detects denial-of-service (DoS) attempts
against Microsoft IIS 5.0 servers with WebDAV extensions
enabled. Attackers may send a maliciously crafted WebDAV
SEARCH request in an HTTP request to DoS the Web server.
HTTP:IIS:WEBDAV:MALFORMED-REQ2
sos5.1.0
critical
This signature detects buffer overflow attempts against
Microsoft IIS WebDAV. Attackers may send a maliciously
crafted WebDAV URL request that contains 65535 or 65536
bytes to the Web server to execute arbitrary code as the
system account.
HTTP:IIS:WEBDAV:SEARCH-OF
sos5.1.0
medium
This signature detects denial-of-service (DoS) attempts
against the WebDAV XML Message Handler in Microsoft IIS.
Attackers may send a malicious HTTP request to a WebDAV
enabled IIS server to cause it to consume all system
resources. A machine reboot is required to resume service.
HTTP:IIS:WEBDAV:XML-HANDLER-DOS
sos5.1.0
info
This signature detects HTTP POST requests with GET
parameters. POST requests should not have parameters on
the same line as the request method. This may indicate a
poorly-written Web application or HTTP tunneling.
HTTP:INFO:HTTPPOST-GETSTYLE
"This signature detects attempts to bypass directory
permissions set on the /cgi-bin directory of a GoAhead web
server. GoAhead WebServer versions 2.1.8 and earlier are
vulnerable. Attackers may supply an invalid URL to the server
to reveal the contents of certain private directories on the
server.
HTTP:INFO-LEAK:GOAHEAD-PERM
sos5.0.0,
sos5.1.0
medium
This signature detects probes for the .htaccess file, used by
the Apache Web server for configuration directives. Attackers
may be attempting to gain access to the Web server.
HTTP:INFO-LEAK:HTACCESS
sos5.0.0,
sos5.1.0
medium
This signature detects attempts to access the .htpasswd
file on a Web server.
HTTP:INFO-LEAK:HTPASSWD-REQUEST
sos5.0.0,
sos5.1.0
low
This signature detects attempts to access the diagnostic
utility supplied with the Vignette Application server. Because
the utility does not use access controls, attackers (or any
client) may connect to the utility and access sensitive
configuration information.
HTTP:INFO-LEAK:VIGNETTE-DIAG
"This signature detects attempts to exploit a vulnerability
in Vignette Story Server. Vignette Story Server versions 4.1
and 6 are vulnerable. Attackers may expose information
about user sessions, server side code, and other sensitive
information.
HTTP:INFO-LEAK:VIGNETTE-LEAK
895
Copyright © 2010, Juniper Networks, Inc.
Appendix E: Log Entries
Summary of Contents for NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
Page 6: ...Copyright 2010 Juniper Networks Inc vi...
Page 36: ...Copyright 2010 Juniper Networks Inc xxxvi Network and Security Manager Administration Guide...
Page 52: ...Copyright 2010 Juniper Networks Inc 2 Network and Security Manager Administration Guide...
Page 90: ...Copyright 2010 Juniper Networks Inc 40 Network and Security Manager Administration Guide...
Page 146: ...Copyright 2010 Juniper Networks Inc 96 Network and Security Manager Administration Guide...
Page 236: ...Copyright 2010 Juniper Networks Inc 186 Network and Security Manager Administration Guide...
Page 292: ...Copyright 2010 Juniper Networks Inc 242 Network and Security Manager Administration Guide...
Page 314: ...Copyright 2010 Juniper Networks Inc 264 Network and Security Manager Administration Guide...
Page 368: ...Copyright 2010 Juniper Networks Inc 318 Network and Security Manager Administration Guide...
Page 370: ...Copyright 2010 Juniper Networks Inc 320 Network and Security Manager Administration Guide...
Page 484: ...Copyright 2010 Juniper Networks Inc 434 Network and Security Manager Administration Guide...
Page 584: ...Copyright 2010 Juniper Networks Inc 534 Network and Security Manager Administration Guide...
Page 588: ...Copyright 2010 Juniper Networks Inc 538 Network and Security Manager Administration Guide...
Page 600: ...Copyright 2010 Juniper Networks Inc 550 Network and Security Manager Administration Guide...
Page 678: ...Copyright 2010 Juniper Networks Inc 628 Network and Security Manager Administration Guide...
Page 694: ...Copyright 2010 Juniper Networks Inc 644 Network and Security Manager Administration Guide...
Page 700: ...Copyright 2010 Juniper Networks Inc 650 Network and Security Manager Administration Guide...
Page 706: ...Copyright 2010 Juniper Networks Inc 656 Network and Security Manager Administration Guide...
Page 708: ...Copyright 2010 Juniper Networks Inc 658 Network and Security Manager Administration Guide...
Page 758: ...Copyright 2010 Juniper Networks Inc 708 Network and Security Manager Administration Guide...
Page 788: ...Copyright 2010 Juniper Networks Inc 738 Network and Security Manager Administration Guide...
Page 882: ...Copyright 2010 Juniper Networks Inc 832 Network and Security Manager Administration Guide...
Page 908: ...Copyright 2010 Juniper Networks Inc 858 Network and Security Manager Administration Guide...
Page 918: ...Copyright 2010 Juniper Networks Inc 868 Network and Security Manager Administration Guide...
Page 920: ...Copyright 2010 Juniper Networks Inc 870 Network and Security Manager Administration Guide...
Page 1005: ...PART 6 Index Index on page 957 955 Copyright 2010 Juniper Networks Inc...
Page 1006: ...Copyright 2010 Juniper Networks Inc 956 Network and Security Manager Administration Guide...