mailing list archives
Re: [VulnDiscuss] XSS bug in Compaq Insight Manager Http server
From: "sullo" <sullo () cirt net>
Date: Tue, 01 Oct 2002 13:29:33 -0400
It may be worth noting that the 2.0 and 2.1 releases are also
vulnerable, however 1.0 does not seem to be (getting worse, as 4.x
introduces a drop-down list of user names to choose from as well).
Also, it runs on some systems on port 49400 and https on 2381 (as well
as the 2301 mentioned below).
As for a "3rd party software tool" flagging all web servers as
vulnerable, well... I can only answer for Nikto, but yes indeed it will
report a vulnerable system as vulnerable, as it does with the Compaq
server. Exploiting for "value" is another discussion entirely, but I do
Taylor Huff wrote:
Advisory name: XSS bug in Compaq Insight Manager Http server
Application: Compaq Insight Manager Http server
Impact: XSS code execution
XSS bug in Compaq Insight Manager Http server
The Compaq Insight Manager Http server is vulnerable to the Cross Site
Scripting (XSS) vulnerability. This vulnerability is caused by the
results returned to a user when a non-existing file is requested. The
vulnerability would allow an attacker to make the server present another
executed without the users knowledge (e.g. the result contains the
with a popular open-source vulnerability assessment tool and confirmed
using the following XSS test.
There is a 3rd party software tool that can be used for security
assessments that flags any web server as potentially having this
problem. Our web servers do not, to our knowledge, have this
vulnerability. We have investigated it but it is a non-issue for us.
This issue is just a 'potential vulnerability' rather than a 'for sure'
problem. In other words, the tool is guessing that all web servers can
have this problem.
Home of Nikto
- Re: [VulnDiscuss] XSS bug in Compaq Insight Manager Http server sullo (Oct 04)