
Compaq Insight Manager Version


Summary

The web server included in Compaq Insight Manager can expose sensitive information. Anyone who can reach port 2301 on a host where Compaq Insight Manager is installed can gain unrestricted access to the server's disk through the "root dot dot" bug.

In addition, many of the supported agents may be vulnerable to buffer overflow exploits.

The problem

Installing Compaq Insight Manager also installs a web server. This web server listens on port 2301 and is vulnerable to the old "root dot dot" bug, a directory traversal in which ".." segments in a requested path escape the web root. The bug gives unrestricted access to the vulnerable server's disk. Vulnerable versions include Compaq HTTP servers 1.2.14, 1.2.15, 1.3.12 and 1.4.10.
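The following is an added illustration of the "root dot dot" class of bug described above; it is not Compaq's code, and the document root, request paths and log lines are constructed for the example. It contrasts the vulnerable pattern (concatenating the web root with the requested path) with a containment check that a web server should apply, and adds a simple log-scanning check a defender can run over access logs to spot traversal attempts, including URL-encoded ones.

```python
"""
Added example (not Compaq's code): how a "root dot dot" traversal arises in a
web server that maps URL paths onto files, the containment check that closes
it, and a detection pass over constructed access-log lines.
"""
import posixpath
from urllib.parse import unquote

# Hypothetical document root for the management web server (constructed).
DOC_ROOT = "/opt/cim/www"


def naive_resolve(doc_root, url_path):
    """Vulnerable pattern: glue root and request together and hand the result
    to the filesystem. Nothing stops '..' segments from climbing out of root."""
    return doc_root + unquote(url_path)


def safe_resolve(doc_root, url_path):
    """Hardened pattern: decode, normalise '.' / '..' / duplicate slashes,
    then refuse any result that does not stay inside doc_root.
    Returns the resolved path, or None when the request escapes the root."""
    decoded = unquote(url_path).replace("\\", "/")  # treat backslash as separator
    candidate = posixpath.normpath(posixpath.join(doc_root, decoded.lstrip("/")))
    root = posixpath.normpath(doc_root)
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate


def looks_like_traversal(url_path):
    """Detection-side check: does the decoded request path contain a '..'
    segment? Decodes twice so double-encoded variants are caught too."""
    decoded = unquote(unquote(url_path)).replace("\\", "/")
    return any(seg == ".." for seg in decoded.split("/"))


# Constructed access-log lines in a common-log-like format (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2001:10:00:00] "GET /index.html HTTP/1.0" 200',
    '10.0.0.9 - - [01/Jan/2001:10:00:03] "GET /../../../config/admin.cfg HTTP/1.0" 200',
    '10.0.0.9 - - [01/Jan/2001:10:00:05] "GET /%2e%2e/%2e%2e/config/admin.cfg HTTP/1.0" 200',
    '10.0.0.7 - - [01/Jan/2001:10:00:09] "GET /images/../index.html HTTP/1.0" 200',
]


def flag_traversal_requests(log_lines):
    """Return the request paths in log_lines that contain a '..' segment."""
    flagged = []
    for line in log_lines:
        try:
            request = line.split('"')[1]      # text between the quotes
            path = request.split()[1]         # method, path, version
        except IndexError:
            continue                          # malformed line, skip it
        if looks_like_traversal(path):
            flagged.append(path)
    return flagged


if __name__ == "__main__":
    for p in ("/index.html", "/../../../config/admin.cfg", "/images/../index.html"):
        print(p, "->", naive_resolve(DOC_ROOT, p), "| safe:", safe_resolve(DOC_ROOT, p))
    print("flagged:", flag_traversal_requests(SAMPLE_LOG))
```

Note that `/images/../index.html` is flagged by the log check but accepted by `safe_resolve`: the detector is deliberately noisy (any `..` segment), while the resolver only rejects paths whose normalised form leaves the root. Tune the detector to the traffic you actually expect before treating a hit as an incident.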

The agents that Insight Manager supports are also exposed to buffer overflow exploits in versions released before 2001. The administration tool is vulnerable to buffer overflow techniques that use maliciously formed, user-supplied input. Properly exploited, this vulnerability lets a remote attacker execute arbitrary code on the affected system with the privilege level of the system administrator.

Fix

Where possible, disable the Compaq web-based server and management tools. If that is not practical, upgrade to a non-vulnerable version.

Reference(s):

Securityfocus Security Advisory BID 282

Securityfocus Security Advisory BID 2200

CVE Reference(s):