|
|
Info |
Last Modified |
| about 1 year ago |
|
|
|
|
|
This Entry needs help! It is only 45% Complete. Click the edit link above to add more information.
Contributing is fast and easy, and benefits the entire security community.
|
Description |
The Compaq Web Management Agent (Insight Agent) can be used as an HTTP proxy, which lets an attacker 'tunnel' HTTP requests through the vulnerable host. This could potentially be used to bypass firewall or other network restrictions, or to mask the attacker's origins.
|
|
Classification |
Unknown or Incomplete
|
|
Technical |
The Insight Agent runs on port 2301 of the host. Making a standard HTTP proxy request to the web service running on that host will determine if the vulnerability exists or not.
|
|
Solution |
Due to the information leak associated with this service, we recommend that you disable the Compaq Management Agent or filter access to TCP port 2301 and 280. If this service is required, installing the appropriate upgrade from Compaq will fix this issue. The issue is referenced in Compaq security advisory SSRT0715.
|
|
Products |
Unknown or Incomplete
|
|
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
