GEN:SID 1:803
Message WEB-CGI HyperSeek hsx.cgi directory traversal attempt
Summary This event is generated when an attempt is made to access hsx.cgi and
then utilize a directory traversal technique to read files outside the
root directory of the web server. This indicates an attempt to exploit a
vulnerability in the Hyperseek 2000 search engine that allows
read-access to directory listings and files.

Impact Information gathering.
Detailed Information This event indicates that an attempt has been made to exploit a directory traversal vulnerability in HyperSeek 2000. When directory traversal techniques such as ../../ are used as arguments to hsx.cgi, an unauthorized user can navigate to directories and access files that are normally hidden.
Affected Systems Web servers running iWeb Systems HyperSeek 2000 are vulnerable.
Attack Scenarios An attacker can use a directory traversal technique when executing hsx.cgi to view hidden directories and files on the web server.
Ease of Attack Simple. Exploits exist.
Corrective Action Apply the appropriate vendor supplied patches.

Uprade to the latest non-affected version of the software.
Additional References Bugtraq
http://www.securityfocus.com/bid/2314

CERT/CC
http://www.kb.cert.org/vuls/id/146704

CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0253

Nessus
http://cgi.nessus.org/plugins/dump.php3?id=10602
Rule References bugtraq: 2314
cve: 2001-0253
nessus: 10602