{"vuid":"VU#908611","idnumber":"908611","name":"Compaq Insight Manager XE buffer overflow in SNMP and DMI functionality","keywords":["Compaq Insight Manager XE","buffer overflow","arbitrary code execution","SSRT0766","SoftPaq SP 17982"],"overview":"The Compaq web-enabled management software contains a buffer overflow in the SNMP and DMI functionality. Remote intruders may be able to execute arbitrary code with privileges on affected systems. All versions of Compaq Insight Manager XE are affected, but Compaq Insight Manager windows console and Compaq Managment agents are not affected.","clean_desc":"There is a buffer overflow in the SNMP and DMI functionality of the Compaq Insight Manager XE product. Compaq has produced a security advisory describing this problem at http://www.compaq.com/products/servers/management/mgtsw-advisory.html","impact":"A remote attacker may be able to execute arbitrary code with privileges on systems running the vulnerable software.","resolution":"Apply a Patch Apply a patch from your vendor. Information about patches to correct this problem is available in the Compaq security advisory. Compaq security advisory SSRT0766 provides information about the patches.","workarounds":"Disable the Web-Enabled Management Software You can prevent this vulnerability from being exploited by disabling the web-enabled management software. Block Ports 2301 and 280 at Your Perimeter Port 2301 (the device management port) is the port used to access the vulnerable code. Blocking access to this port from untrusted sources may reduce the risk of exploitation. You may also wish to block port 280 (the Compaq Insight Manager XE port).","sysaffected":"","thanks":"The CERT/CC thanks Compaq for their advisory on this topic.","author":"This document was written by Cory F. Cohen.","public":["http://www.compaq.com/products/servers/management/mgtsw-advisory.html","http://www.securityfocus.com/bid/3482","http://archives.neohapsis.com/archives/compaq/2001-q4/0018.html"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-10-30T17:21:05Z","publicdate":"2001-10-30T00:00:00Z","datefirstpublished":"2001-11-19T20:42:35Z","dateupdated":"2001-11-19T20:45:06Z","revision":11,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"10","cam_impact":"19","cam_easeofexploitation":"7","cam_attackeraccessrequired":"15","cam_scorecurrent":"7.48125","cam_scorecurrentwidelyknown":"9.3515625","cam_scorecurrentwidelyknownexploited":"16.8328125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":7.48125,"vulnote":null}