Nessus Plugin #10963
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Compaq Web Based Management Agent Proxy Vulnerability
- Family:
- General
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2002 Digital Defense Inc.
- Summary:
- Compaq Web Based Management Agent Proxy Vulnerability
- Version:
- $Revision: 1.7 $
- Cve_id:
- CAN-2001-0374
- Bugtraq_id:
- -
- Xrefs:
- -
- Description:
This host is running the Compaq Web Management
Agent. This service can be used as a HTTP
proxy. An attacker can use this to bypass
firewall rules or hide the source of web-based
attacks.
Solution: Due to the information leak associated
with this service, we recommend that you disable
the Compaq Management Agent or filter access to
TCP ports 2301 and 280.
If this service is required, installing the
appropriate upgrade from Compaq will fix this
issue. The software update for your operating
system and hardware can be found via Compaq's
support download page:
http://www.compaq.com/support/files/server/us/index.html
For more information, please see the vendor advisory at:
http://www.compaq.com/products/servers/management/SSRT0758.html
Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.