Home page logo

bugtraq logo Bugtraq mailing list archives

Compaq Insight Manager - related to Bugtraq ID 2500
From: "Brewis, Mark" <mark.brewis () eds com>
Date: Wed, 21 May 2003 18:40:06 +0100

Another one out of the back catalogue, seen again today.


Compaq Insight Manager Version 5.0 or below


The Proxy vulnerability identified in Bugtraq ID 2500, and the patch
produced by Compaq for that vuln. does not prevent ftp proxying.

On a host denying http proxying, it is possible to ftp over http to a third
party host, using CIM as the proxy.  You can't put or get (probably because
there isn't an ftp server on CIM to buffer the transfer), but you can
browse, allowing for a targeted attack.

Again, I talked to Compaq about this over a year ago, and they appeared to
work on the principle that the problem went away in the newest version of
CIM.  I'd forgotten about it until today, when I saw  a CIM/CMA installation

Advice - keep upgrading and patching, or stop using CIM.

Mark Brewis

Security Consultant
Information Assurance Group
Wavendon Tower
Milton Keynes
MK17 8LX.

Tel:    +44 (0)1908 28 4234/4013
Fax:    +44 (0)1908 28 4393
E@:     mark.brewis () eds com

This email is confidential and intended solely for the use of the
individual(s) to whom it is addressed. Any views or opinions presented are
solely those of the author.  If you are not the intended recipient, be
advised that you have received this email in error and that any use,
dissemination, forwarding, printing, or copying of this mail is strictly

Precautions have been taken to minimise the risk of transmitting software
viruses, but you must carry out your own virus checks on any attachment to
this message. No liability can be accepted for any loss or damage caused by
software viruses.

  By Date           By Thread  

Current thread:
  • Compaq Insight Manager - related to Bugtraq ID 2500 Brewis, Mark (May 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]