This is one of several ways to make it fall over. Is the machine you are using multi-homed? If it is , see whether this kills the service on all interfaces. Nice to see you spotted it on 49400 - the port never referenced in Compaq documentation. Mark -----Original Message----- From: Gary O'leary-Steele [mailto:GaryO@sec-1.com] Sent: Tuesday, September 25, 2001 5:42 PM To: PEN-TESTat_private Subject: Compaq Vulnerability Hello All, This maybe really old but here goes anyway. I am testing our local network and wanted to see how secure the Compaq insight management web thingy's are so I ran a capture of the admin logging in. I noticed it referenced a component /proxy/LoginResponse as part of the login process. So tacked it onto the end of the url and the service on the compaq box (cpmdi and CPQWMGT.exe respectively) died with an access violation. Both http://targetip:2301/Proxy/LoginResponse And http://targetip:49400/Proxy/Loginresponse Produced the same result. Is this old? Kind Regards, GaryO@sec-1.com Gary O'leary-Steele Technical Consultant Telephone: 0113 2237220 Email: GaryO@sec-1.com Mobile: 07796698919 Web Site: www.sec-1.com ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- ---------------- The contents of this Email may be privileged and are confidential. It may not be disclosed to or used by anyone other than the addressee(s), nor copied in any way. If received in error, please advise the sender, then delete from your system. The opinions expressed within this email represent those of the individual and not necessarily those of Sec-1 ltd. Should you wish to use Email as a mode of communication, Sec-1 ltd are unable to guarantee the security of Email content outside of our own computer systems. ---------------------------------------------------------------------------- ------------------------------------ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Thu Sep 27 2001 - 10:42:01 PDT