Way-BOARD CGI could allow attackers to view unauthorized files (HTTP_Wayboard_Fileview)

About this signature or vulnerability

RealSecure Desktop, Proventia Network IPS, RealSecure Desktop Protector 3.6, IBM Security Host Protection for Desktops, BlackICE PC Protection, BlackICE Server Protection, RealSecure Sentry, RealSecure Guard, BlackICE Agent for Server, RealSecure Network, RealSecure Server Sensor, Proventia-G 1.1 and earlier, Proventia Network IDS, Proventia Network MFS, IBM Security Host Protection for Servers (Windows), Proventia Server IPS for Linux technology, Virtual Server Protection for Vmware, IBM Security Host Protection for Servers (Unix):

This signature detects an HTTP GET request for the wayboard.cgi file. The request includes an argument that starts with "db" and ends with "00".

Default risk level

 Medium

Sensors that have this signature

RealSecure Desktop: baseline, Proventia Network IPS: 2.0, RealSecure Desktop Protector 3.6: baseline, IBM Security Host Protection for Desktops: 8.0.614.1, BlackICE PC Protection: 3.6.cbd, BlackICE Server Protection: 3.6.cbd, RealSecure Sentry: 3.6, RealSecure Guard: 3.6, RealSecure Desktop Protector: 3.6, BlackICE Agent for Server: 3.6, RealSecure Network: 7.0, RealSecure Server Sensor: 7.0, Proventia-G 1.1 and earlier: G Series, Proventia Network IDS: A Series, Proventia Network MFS: 1.0, IBM Security Host Protection for Servers (Windows): 2.1.14.2400, IBM Security Host Protection for Servers (Windows): 1.0.914.0, Proventia Server IPS for Linux technology: 1.0, Virtual Server Protection for Vmware: 1.0, IBM Security Host Protection for Servers (Unix): 2.2.2

Systems affected

Way-BOARD Way-BOARD cgi

Type

Unauthorized Access Attempt

Vulnerability description

How to remove this vulnerability

References