[VulnWatch] Immunity Advisory: Compaq Web Management vulnerability

From: Chris Wysopal (weld_at_vulnwatch.org)
Date: 03/12/04

    Date: Fri, 12 Mar 2004 16:48:02 -0500 (EST)
    To: vulnwatch@vulnwatch.org
    
    

    Excerpt:

    Remote, unauthenticated certificate upload in Compaq Web Management (HP HTTP)

    Compaq Web Management includes a number of daemons, which listen on
    a number of TCP ports, and also to SNMP requests. On port 2381, an SSL
    HTTP server runs. If the system is configured to let anonymous users
    browse it, a common configuration, then a bug in the validation system
    allows users to upload their own certificates to be trusted by the client
    system. This would then allow that machine to be administered remotely via
    such mechanisms as Secure Task Execution.

    Full Advisory:

    http://www.immunitysec.com/downloads/hp_http.sxw.pdf

