i've found a default user/passwd for C.I.M.: administrator/administrator operator/operator moreover some version of C.I.M. are afflict by "dot dot bug" eg. www.target.com:2301/../../boot.ini regards. Marzio -----Messaggio originale----- Da: Zwan-van-der.Erwin [mailto:Erwin.Zwan-van-derat_private] Inviato: marted́ 11 dicembre 2001 11.25 A: 'Tim Russo'; pen-testat_private Oggetto: RE: Pen-Testing help (Compaq Insight & htsearch) On several projects I was able to connect to the Compaq server using a standard web browser to port 2301 (http://ipadress:2301). The dual homed server then just acts as a proxy. Note that it is not a full proxy compliant systems of course. Therefore cookies, activex controls, pictures and stuff might not be passed to your client. It is great to establish a hidden outbound connection to the Internet though. Erwin -----Original Message----- From: Tim Russo [mailto:trussoat_private] Sent: maandag 10 december 2001 17:44 To: pen-testat_private Subject: Pen-Testing help (Compaq Insight & htsearch) I am pen-testing a customer's network and stumbled upon their Compaq Digital-Unix web server. This web server happens to be in front of their firewall too. I have detected 2 immediate security issues: 1) They are running Compaq Insight Manager. 2) Their web server has the htsearch cgi-bin script. Questions: 1) I know Insight Manager has buffer overflows and can be used as a proxy. Do exploits for the buffer overflows exist? Also, I am not sure if I am configuring the proxy client correctly. Anyone have luck with this? 2)When I try to exploit the htsearch script I get the following error: "Unable to read word database file '/xxx/xxx/htdig/db/db.words.db' Did you run htmerge?" [xxx are for obscurity] :) Any help with either one of these and/or general Digital-Unix pen-test info would be very helpful. Thank you. -Tim __________________________________ Tim Russo Email: trussoat_private Tel: 617.504.3008 Fax: 781.849.0127 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ************************************************************************** The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. ************************************************************************** ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Wed Dec 12 2001 - 11:38:55 PST