2070 : Compaq Insight Agent SSL overflow
Printer | http://osvdb.org/2070 | Email This | Edit Vulnerability

Views This Week	Views All Time	Added to OSVDB	Last Modified	Modified (since 2008)	Percent Complete
6	553	over 8 years ago	over 4 years ago	0 times	75%

Timeline

Discovery Date	Disclosure Date
2002-07-30	2002-07-30

Keywords

CIM web SSL

Description

The Compaq Insight Management Agents use a vulnerable version of OpenSSL, which contains many remotely-exploitable buffer overflows. The vendor lists the affected products and versions as "Insight Management Agents for Windows version 5.3 - 5.5, Insight Manager 7, Version Control Agents, Version Control Repository Manager, Array Configuration Utility, HP Survey Utility for Windows, and Intelligent Cluster Administrator." Insight Management Agents for non-Windows platforms are listed as non-vulnerable.

Classification

Attack Type: Input Manipulation
Impact: Loss of Integrity

Technical

Agents listen on TCP ports 2381 and 2301. Vulnerable agents are built on OpenSSL version 0.9.6b. Updated agents use OpenSSL version 0.9.6g.

Solution

Compaq has released various patches for the vulnerable software components.

Products

Hewlett-Packard Development Company, L.P.	Array Configuration Utility	Unknown or Unspecified
	Insight Management Agents	5.3
		5.4
		5.5
	Insight Manager	7
	Intelligent Cluster Administrator	Unknown or Unspecified
	Survey Utility	Unknown or Unspecified
	Version Control Agents	Unknown or Unspecified
	Version Control Repository Manager	Unknown or Unspecified

References

Related OSVDB ID: 1958 787
CERT: CA-2002-23
Keyword: CIM web SSL

Manual Testing Notes

Determine which systems are running HP web-enabled agents or utilities. There are three methods suggested. (Provided by Compaq)

Method 1
Environments running Insight Manager 7, can get a list of systems running the web-enabled agents by defining a Query to return a list of systems with web agents.
Login to your Insight Manager 7 system and create a new Query. Select the "Devices with Web Agent" criteria.
- Select all of the available products on the Criteria Configuration screen.
- Save the Query and execute it. The list of devices will be all those with web agents. You may wish to use this query with the Reports feature of Insight Manager 7 (available in SP1 and greater) to get printouts of the devices and the software loaded. (Insight Manager XE users may follow a similar procedure up to but not including the reports.)
NOTE: Prior to running through this procedure, you may want to perform a new discovery and data collection.
If you first make sure that the discovery range covers all of the subnets visible to the Insight Manager 7 system, you will get a potentially more comprehensive report.

Method 2
Systems running HP Insight Manager Windows 32 console, can get a list of systems running the web agents by starting HP Insight Manager and selecting the "Web Device List" button on the toolbar. This will display a list of systems being managed by HP Insight Manager and additionally will have underlined as hyperlinks the systems on which the web agents are present and enabled. To print out a list of only the web devices, select the "Web Devices" hyperlink in the left column and only web devices will be shown. Print this page from your browser.
NOTE: The lists generated by Methods 1 and 2, while helpful, may not be exhaustive lists of the systems with web-enabled agents and utilities. The lists will include only those systems that are being managed either explicitly or because they have been discovered.

Method 3
Point a web browser to the system by keying in
http://[IP_ADDRESS]:2301 or http://[machine_name]:2301.
- This will bring up the device home page for any servers running web-enabled management software. This procedure identifies the presence of the software on 1 system and assumes that you already know the device name or IP address of every device and use this procedure to visit them.

Credit

Unknown or Incomplete

CVSSv2 Score

We currently have no CVSS2 data on this vulnerability. Feel free to suggest it.

Blogs

This product uses the Daylife API but is not endorsed or certified by Daylife.

This section lists the latest news and blogs found via the daylife API (and for older items, the technorati API), which mention or otherwise discuss this vulnerability.

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Timeline

Keywords

Description

Classification

Technical

Solution

Products

Hewlett-Packard Development Company, L.P.

Array Configuration Utility

Insight Management Agents

Insight Manager

Intelligent Cluster Administrator

Survey Utility

Version Control Agents

Version Control Repository Manager