Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:AUDIT:GENERIC-FMT-STR

Severity

 Medium

Recommended

 No

Category

 HTTP

Keywords

 Generic Format String in Url

Release Date

 2005/03/09

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Generic Format String in Url


This signature detects attempts to exploit an http server using common format strings. Attackers may gain complete control of the target host.

Extended Description

Sun Microsystems AnswerBook2 allows users to view Sun documentation through a web browser, and is available for Solaris. AnswerBook2 includes an administrative web interface. Reportedly, it is possible to access these scripts without authorization, and add a new administrative user of the AnswerBook2 system.

Affected Products

  • Sun AnswerBook2 1.2.0
  • Sun AnswerBook2 1.3.0
  • Sun AnswerBook2 1.4.0
  • Sun AnswerBook2 1.4.1
  • Sun AnswerBook2 1.4.2

References

  • BugTraq: 5383
  • BugTraq: 34461
  • CVE: CVE-1999-1417
  • CVE: CVE-2009-0993
  • URL: http://www.securityfocus.com/archive/1/10383

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out