J-Security Center

Title: Compaq Web Admin Buffer Overflow Vulnerability

Severity: HIGH

Description:

A vulnerability has been reported in the web-based administration component common to a number of Compaq software products.

The administration tool is vulnerable to buffer overflow attacks that use maliciously formed user-supplied input. Properly exploited, this vulnerability can allow a remote attacker to execute arbitrary code on the affected system with the privilege level of the system administrator.

The advisory did not provide further information about this vulnerability.

The following was excerpted from the notification by <researchteam@esecurityonline.com>:

Affected Technologies:
------------------------------
Compaq Foundation Agents 4.0-4.90, 1.0-2.1
Digital Unix (Tru64) 4.0F and later
Insight Manager XE 1.0-2.1, LC 1.03c, 1.50A
Survey Utility 2.17-2.33
Intelligent Cluster Admin 1.0-2.1
System Healthcheck 3.0.0
Enterprise Volume Manager/Command Scripter 1.1 and 1.0
Insight Management Desktop Web Agents 3.70
Armada Insight Mgr 4.20-4.20J
Management Agents 4.30-4.35, 4.36-4.37E, 4.36E
Open SAN Manager 1.0
SANWorks Resource Monitor 1.0
Storage Allocation Reporter 1.0

Affected Products:

  • Compaq Armada Insight Manager 4.20.0
  • Compaq Armada Insight Manager 4.20.0 j
  • Compaq Compaq Foundation Agents 1.0.0
  • Compaq Compaq Foundation Agents 2.1.0
  • Compaq Compaq Foundation Agents 4.0.0
  • Compaq Compaq Foundation Agents 4.90.0
  • Compaq Enterprise Volume Manager/Command Scripter 1.0.0
  • Compaq Enterprise Volume Manager/Command Scripter 1.1.0
  • Compaq Insight Management Desktop Web Agents 3.7.0
  • Compaq Insight Manager LC 1.3.0 c
  • Compaq Insight Manager LC 1.50.0 A
  • Compaq Insight Manager XE 1.0.0
  • Compaq Insight Manager XE 1.21.0
  • Compaq Intelligent Cluster Administrator 1.0.0
  • Compaq Intelligent Cluster Administrator 2.1.0
  • Compaq Management Agents 4.30.0 j
  • Compaq Management Agents 4.35.0 j
  • Compaq Management Agents 4.36.0 E
  • Compaq Management Agents 4.36.0 j
  • Compaq Management Agents 4.37.0 E
  • Compaq Open SAN Manager 1.0.0
  • Compaq SANWorks Resource Monitor 1.0.0
  • Compaq Storage Allocation Reporter 1.0.0
  • Compaq Survey Utility 2.17.0
  • Compaq Survey Utility 2.18.0
  • Compaq Survey Utility 2.33.0
  • Compaq System Healthcheck 3.0.0
  • Digital (Compaq) TRU64/DIGITAL UNIX 4.0.0 f
  • Digital (Compaq) TRU64/DIGITAL UNIX 4.0.0 g
  • Digital (Compaq) TRU64/DIGITAL UNIX 5.0.0
