CERTVU:275979Compaq web-enabled management software buffer overflow vulnerability
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
26.3%
Overview
The Compaq web-enabled management software contains a buffer overflow. Remote intruders may be able to execute arbitrary code with privileges on affected systems. Many Compaq products are affected, from personal computers to commercial UNIX operating systems.
Description
The Compaq web-enabled management software allows system management information to be accessed through a web interface. This web interface contains a buffer overflow.
Affected Compaq products include those running Microsoft Windows 9x, Windows NT, Windows 2000, NetWare, SCO Open Server, SCO UnixWare 7, RedHat 6.2, RedHat 7.0, Tru64Unix, and OpenVMS. Web-enabled management software is also supported for Compaq storage products.
Compaq has produced a security advisory describing this problem at
<http://www.compaq.com/products/servers/management/SSRT0758.html>
Impact
A remote attacker may be able to execute arbitrary code with privileges on systems running the vulnerable software.
Solution
Apply a Patch
Apply a patch from your vendor. Information about patches to correct this problem is available in the Compaq security advisory. The patches described in Compaq security advisory SSRT0758 correct this vulnerability and those decribed in VU#137024 and VU#991240.
Disable the Web-Enabled Management Software
You can prevent this vulnerability from being exploited by disabling the web-enabled management software.
Block Ports 2301 and 280 at Your Perimeter
Port 2301 (the device management port) is the port used to access the vulnerable code. Blocking access to this port from untrusted sources may reduce the risk of exploitation. You may also wish to block port 280 (the Compaq Insight Manager XE port).
Vendor Information
275979
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Compaq Computer Corporation __ Affected
Updated: November 19, 2001
Status
Affected
Vendor Statement
A security advisory describing this issue is available from Compaq at:
<http://www.compaq.com/products/servers/management/SSRT0758.html>
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has archived a PGP signed copy of the Compaq security advisory below.
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- <http://www.compaq.com/products/servers/management/SSRT0758.html>
- <http://www.compaq.com/products/servers/management/mgtsw-advisory.html>
- <http://www.compaq.com/products/servers/management/mgtsw-advisory2.html>
- <http://www.securityfocus.com/bid/3376>
Acknowledgements
The CERT/CC thanks Compaq for their advisory on this topic.
This document was written by Cory F. Cohen.
Other Information
| CVE IDs: | CVE-2001-0728 |
|---|---|
| Severity Metric: | 11.22 Date Public: |
Related
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
26.3%