[19821] in bugtraq


FW: Compaq Insight Manager Proxy Vuln

daemon@ATHENA.MIT.EDU (Christopher Curtiss)
Fri Mar 23 18:23:48 2001

MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Message-ID:  <C9355BA81050D311B3930090278A0B8E01257266@arbor.softlock.com>
Date:         Fri, 23 Mar 2001 11:30:20 -0500
Reply-To: Christopher Curtiss <ccurtiss@DIGITALGOODS.COM>
From: Christopher Curtiss <ccurtiss@DIGITALGOODS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM

Compaq's site recommends stopping the Insight Manager and web-agent services
in control-panel; this alone doesn't stop port 2301 from showing your
machine stats.  You must also disable the surveyor service; this takes down
the page and stops polling the machine.

Chris Curtiss

-----Original Message-----
From: Brewis, Mark [mailto:mark.brewis@EDL.UK.EDS.COM]
Sent: Thursday, March 22, 2001 12:46 PM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Compaq Insight Manager Proxy Vuln
Importance: High


Impact: Serious

Compaq Insight Manager has a serious configuration issue which allows the
use of the software as a proxy server.  No logging is performed on either
the OS or app., making this a perfect anonymous proxy.

Rec: Disable Anonymous connection to agent and server, block port 2301
inbound and outbound at network gateways.

Reported to Compaq 14/03/01, advisory released 19/03/01.

http://www.compaq.com/products/servers/management/mgtsw-advisory.html

Mark Brewis
EDS CLEF
Information Assurance Group
Wavendon Tower, Milton Keynes, MK17 8LX.
e@: mark.brewis@edl.uk.eds.com
PGP Key ID:
BA44 0B30 74DB EB02 D545 90FE 1BBC E1F6 0F58 F12A
