Compaq Insight Agent Format String

2003-08-03T10:29:17
ID OSVDB:2377
Type osvdb
Reporter OSVDB
Modified 2003-08-03T10:29:17

Description

Vulnerability Description

Compaq Insight Manager HTTP Server contains a flaw that may allow a malicious user to compromise the Insight Manager system. The issue is triggered when a long URL with malicious data is sent to the server. It is possible that the flaw may allow the execution of arbitrary code with LocalSystem privileges resulting in a loss of control.

Technical Description

Version 5.00H is known to be vulnerable. Version 5.00G may be vulnerable, there is no information available.

Version 5.00K does not claim to fix the vulnerability, but was not tested.

Version 5.01A claims to have "Changed default installation to not install the web agent due to unresolved security concerns" which implies that the format string vuln has not yet been fixed.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Turn off the HTTP server or block access from all but trusted workstations.

Short Description

Compaq Insight Manager HTTP Server contains a flaw that may allow a malicious user to compromise the Insight Manager system. The issue is triggered when a long URL with malicious data is sent to the server. It is possible that the flaw may allow the execution of arbitrary code with LocalSystem privileges resulting in a loss of control.

References:

Vendor Specific Solution URL: http://h18007.www1.hp.com/support/files/evonotebook/us/revision/105.html Secunia Advisory ID:9453 Related OSVDB ID: 2747 ISS X-Force ID: 12823 Generic Exploit URL: http://www.securiteam.com/windowsntfocus/5HP0J00AUU.html Generic Exploit URL: http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/1373.html Bugtraq ID: 8336