Compaq Vulnerability

["Gary O'leary-Steele" <GaryO () sec-1 com>]

Hello All,

This maybe really old but here goes anyway.

I am testing our local network and wanted to see how secure the Compaq
insight management web thingy's are so I ran a capture of the admin logging
in. I noticed it referenced a component /proxy/LoginResponse as part of the
login process. So tacked it onto the end of the url and the service on the
compaq box (cpmdi and CPQWMGT.exe respectively) died with an access
violation.
Both

Http://targetip:2301/Proxy/LoginResponse

And

Http://targetip:49400/Proxy/Loginresponse

Produced the same result.

Is this old?

Kind Regards,

GaryO () sec-1 com
Gary O'leary-Steele
Technical Consultant



Telephone:     0113 2237220
Email:           GaryO () sec-1 com
Mobile:          07796698919
Web Site:      www.sec-1.com

----------------------------------------------------------------------------
----------------------------------------------------------------------------
----------------
The contents of this Email may be privileged and are confidential. It may
not be disclosed to or used by anyone other than the addressee(s), nor
copied in any way. If received in error, please advise the sender, then
delete from your system.

The opinions expressed within this email represent those of the individual
and not necessarily those of Sec-1 ltd.

Should you wish to use Email as a mode of communication, Sec-1 ltd are
unable to guarantee the security of Email content outside of our own
computer systems.
----------------------------------------------------------------------------
------------------------------------


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/