Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Compaq Insight Manager Proxy Vuln
From: "Brewis, Mark" <mark.brewis () EDL UK EDS COM>
Date: Thu, 22 Mar 2001 17:48:35 -0000
Impact: Serious

Compaq Insight Manager has a serious configuration issue which allows the
use of the software as a proxy server.  No logging is performed on either
the OS or app., making this a perfect anonymous proxy.

Rec: Disable Anonymous connection to agent and server, block port 2301
inbound and outbound at network gateways.

Reported to Compaq 14/03/01, advisory released 19/03/01.

http://www.compaq.com/products/servers/management/mgtsw-advisory.html


Mark Brewis
EDS CLEF
Information Assurance Group
Wavendon Tower, Milton Keynes, MK17 8LX.
Tel: 01908 284234
Mbl: 07989 291648
e@: mark.brewis () edl uk eds com
PGP Key ID:
BA44 0B30 74DB EB02 D545 90FE 1BBC E1F6 0F58 F12A

  By Date           By Thread  

Current thread:
  • Compaq Insight Manager Proxy Vuln Brewis, Mark (Mar 23)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]