RE: Pen-Testing help (Compaq Insight & htsearch)

From: Zwan-van-der.Erwin (Erwin.Zwan-van-derat_private)
Date: Tue Dec 11 2001 - 02:24:51 PST

Next message: Zwan-van-der.Erwin: "RE: Command line network sniffing tools on NT/W2K"

Previous message: Harrington, Chris: "Sniffing packets between Outlook and Exchange"
Maybe in reply to: Tim Russo: "Pen-Testing help (Compaq Insight & htsearch)"
Next in thread: Philipp Stucke: "Re: Pen-Testing help (Compaq Insight & htsearch)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On several projects I was able to connect to the Compaq server using a
standard web browser to port 2301 (http://ipadress:2301). The dual homed
server then just acts as a proxy. Note that it is not a full proxy compliant
systems of course. Therefore cookies, activex controls, pictures and stuff
might not be passed to your client. It is great to establish a hidden
outbound connection to the Internet though.

Erwin

-----Original Message-----
From: Tim Russo [mailto:trussoat_private]
Sent: maandag 10 december 2001 17:44
To: pen-testat_private
Subject: Pen-Testing help (Compaq Insight & htsearch)


I am pen-testing a customer's network and stumbled upon their Compaq
Digital-Unix web server. This web server happens to be in front of their
firewall too. I have detected 2 immediate security issues:

1) They are running Compaq Insight Manager.
2) Their web server has the htsearch cgi-bin script.

Questions:

1) I know Insight Manager has buffer overflows and can be used as a proxy.
Do exploits for the buffer overflows exist? Also, I am not sure if I am
configuring the proxy client correctly. Anyone have luck with this?

2)When I try to exploit the htsearch script I get the following error:

"Unable to read word database file '/xxx/xxx/htdig/db/db.words.db' Did you
run htmerge?" [xxx are for obscurity] :)

Any help with either one of these and/or general Digital-Unix pen-test info
would be very helpful.

Thank you.

-Tim
__________________________________
Tim Russo
Email:	trussoat_private
Tel:	      617.504.3008
Fax:	      781.849.0127


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Zwan-van-der.Erwin: "RE: Command line network sniffing tools on NT/W2K"
Previous message: Harrington, Chris: "Sniffing packets between Outlook and Exchange"
Maybe in reply to: Tim Russo: "Pen-Testing help (Compaq Insight & htsearch)"
Next in thread: Philipp Stucke: "Re: Pen-Testing help (Compaq Insight & htsearch)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Dec 11 2001 - 08:32:28 PST