Signature Detail
Short Name |
HTTP:STC:SRVRSP:404-NOT-FOUND |
|---|---|
Severity |
Info |
Recommended |
No |
Category |
HTTP |
Keywords |
Server Error 404: Object Not Found |
Release Date |
2004/05/26 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Server Error 404: Object Not Found
This signature detects attempts to access files or objects on a Web server that the Web server does not contain. Because nonexistent files are a common occurrence, this signature matches frequently and might not be appropriate for all Security Policies.
Extended Description
HP OpenView Network Node Manager is prone to a remote code-execution vulnerability because the 'webappmon.exe' CGI application fails to adequately validate user-supplied input. Successful exploits can allow an attacker to execute arbitrary code with the privileges of the user running the webserver. Failed exploit attempts will likely result in denial-of-service conditions. OpenView Network Node Manager 7.51 and 7.53 are vulnerable.
Affected Products
- HP OpenView Network Node Manager 7.51
- HP OpenView Network Node Manager 7.53
References
- BugTraq: 42154
- BugTraq: 42154
- CVE: CVE-2010-2709
- URL: http://www.w3.org/Protocols/rfc1945/rfc1945
- URL: ftp://ftp.isi.edu/in-notes/rfc2616.txt