R: Pen-Testing help (Compaq Insight & htsearch)

From: Scalise, Marzio (marzioscalise@KPMG.it)
Date: 12/11/01


From: "Scalise, Marzio" <marzioscalise@KPMG.it>
To: "'pen-test@securityfocus.com'" <pen-test@securityfocus.com>
Date: Tue, 11 Dec 2001 17:38:34 +0100

I've found a default user/passwd for C.I.M.:
administrator/administrator
operator/operator

Moreover, some versions of C.I.M. are afflicted by the "dot dot bug"

e.g. www.target.com:2301/../../boot.ini

Regards.

Marzio

-----Original Message-----
From: Zwan-van-der.Erwin [mailto:Erwin.Zwan-van-der@siemens.nl]
Sent: Tuesday, 11 December 2001 11:25
To: 'Tim Russo'; pen-test@securityfocus.com
Subject: RE: Pen-Testing help (Compaq Insight & htsearch)

On several projects I was able to connect to the Compaq server using a
standard web browser to port 2301 (http://ipadress:2301). The dual-homed
server then just acts as a proxy. Note that it is not a fully proxy-compliant
system, of course. Therefore cookies, ActiveX controls, pictures and stuff
might not be passed to your client. It is great to establish a hidden
outbound connection to the Internet though.

Erwin

-----Original Message-----
From: Tim Russo [mailto:trusso@wireguided.com]
Sent: Monday, 10 December 2001 17:44
To: pen-test@securityfocus.com
Subject: Pen-Testing help (Compaq Insight & htsearch)

I am pen-testing a customer's network and stumbled upon their Compaq
Digital-Unix web server. This web server happens to be in front of their
firewall too. I have detected 2 immediate security issues:

1) They are running Compaq Insight Manager.
2) Their web server has the htsearch cgi-bin script.

Questions:

1) I know Insight Manager has buffer overflows and can be used as a proxy.
Do exploits for the buffer overflows exist? Also, I am not sure if I am
configuring the proxy client correctly. Anyone have luck with this?

2) When I try to exploit the htsearch script I get the following error:

"Unable to read word database file '/xxx/xxx/htdig/db/db.words.db' Did you
run htmerge?" [xxx are for obscurity] :)

Any help with either one of these and/or general Digital-Unix pen-test info
would be very helpful.

Thank you.

-Tim
__________________________________
Tim Russo
Email: trusso@wireguided.com
Tel: 617.504.3008
Fax: 781.849.0127

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



