OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Brewis, Mark (mark.brewisEDL.UK.EDS.COM)
Date: Thu Mar 22 2001 - 11:48:35 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Impact: Serious

    Compaq Insight Manager has a serious configuration issue which allows the
    use of the software as a proxy server. No logging is performed on either
    the OS or app., making this a perfect anonymous proxy.

    Rec: Disable Anonymous connection to agent and server, block port 2301
    inbound and outbound at network gateways.

    Reported to Compaq 14/03/01, advisory released 19/03/01.

    http://www.compaq.com/products/servers/management/mgtsw-advisory.html

    Mark Brewis
    EDS CLEF
    Information Assurance Group
    Wavendon Tower, Milton Keynes, MK17 8LX.
    Tel: 01908 284234
    Mbl: 07989 291648
    e: mark.brewisedl.uk.eds.com
    PGP Key ID:
    BA44 0B30 74DB EB02 D545 90FE 1BBC E1F6 0F58 F12A