iXsecurity.20001107.compaq-wbm.a
Posted Nov 14, 2000
Authored by Ian Vitek | Site ixsecurity.com

iXsecurity Security Vulnerability Report - The default installation of Compaq Web-Based Management on a Netware server reveals sensitive system files to anyone who can access TCP port 2301. Allows remote users to read the remote console password. Software version 2.28 verified vulnerable. Compaq advisory available here.

tags | exploit, remote, web, tcp
SHA-256 | 992ae643310081a28265d7edbe6fcf3cd675ed92732e4ecbee1271c805355517

iXsecurity Security Vulnerability Report
No: iXsecurity.20001107.compaq-wbm.a
====================================

Vulnerability Summary
---------------------

Problem: The default installation of Compaq Web-Based
Management on a Netware server reveals
sensitive system files

Threat: Anyone that has access to port 2301 on a
Netware server can read the system
password (Remote Console password)

Platform: Compaq Web-Based Management on Netware
(Software version 2.28 verified)

Solution: Disable the Web Agent

Vulnerability Description
-------------------------
http://netware.server.with.CWBM:2301/survey is
accessible to everyone by default and contains
sensitive system files:
SYS:\SYSTEM\AUTOEXEC.NCF
SYS:\ETC\NETINFO.CFG
The system password (Remote Console password)
and other passwords (the SNMP ControlCommunity
string) may be in clear text in either of these files.
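As an added example (not part of the original advisory, and not Compaq's or iXsecurity's tooling), the Python helper below takes a reply already captured from the /survey page of one of your own servers on TCP 2301 and reports whether it shows the exposure described above: served without an authentication challenge, containing the two named files, and carrying clear-text secrets. The sample reply is constructed; the `LOAD REMOTE <password>` and `ControlCommunity <string>` line forms are assumptions about how those values appear in the files, and the helper redacts the values so the report can be filed without re-exposing them.

```python
import re
from dataclasses import dataclass, field

# Constructed sample of an unauthenticated GET /survey reply on TCP 2301.
# The NCF/CFG lines are hypothetical; real files differ per server.
SAMPLE_STATUS = "HTTP/1.0 200 OK"
SAMPLE_HEADERS = {"Content-Type": "text/html", "Server": "CompaqHTTPServer/2.28"}
SAMPLE_BODY = """\
<html><body><pre>
SYS:\\SYSTEM\\AUTOEXEC.NCF
FILE SERVER NAME NW5-COMPAQ
LOAD REMOTE S3cretRc0n
LOAD RSPX
SYS:\\ETC\\NETINFO.CFG
ControlCommunity private
</pre></body></html>
"""

# Files the advisory names as exposed through /survey.
SENSITIVE_FILES = ("SYS:\\SYSTEM\\AUTOEXEC.NCF", "SYS:\\ETC\\NETINFO.CFG")

# Clear-text secrets the advisory says may appear in those files.  The
# "LOAD REMOTE <password>" form is an assumption (remote console loaded with
# its password as first argument); ControlCommunity is the SNMP community
# keyword named in the advisory, also assumed to be followed by its value.
SECRET_PATTERNS = {
    "remote console password": re.compile(r"^\s*LOAD\s+REMOTE\s+(\S+)", re.I | re.M),
    "SNMP ControlCommunity": re.compile(r"^\s*ControlCommunity\s+(\S+)", re.I | re.M),
}


@dataclass
class SurveyAudit:
    exposed: bool                      # served without auth and leaks something
    findings: list = field(default_factory=list)
    redacted_body: str = ""            # safe to paste into an audit report


def is_unauthenticated(status_line: str, headers: dict) -> bool:
    """True when the reply is a plain 200 with no authentication challenge."""
    code = int(status_line.split()[1])
    if code in (401, 403):
        return False
    if any(name.lower() == "www-authenticate" for name in headers):
        return False
    return code == 200


def find_clear_text_secrets(text: str) -> dict:
    """Count occurrences of each secret kind; the values themselves are not returned."""
    return {kind: len(pat.findall(text)) for kind, pat in SECRET_PATTERNS.items()
            if pat.search(text)}


def redact_secrets(text: str) -> str:
    """Replace the secret argument of each matching line with a placeholder."""
    for pat in SECRET_PATTERNS.values():
        # group(1) is always the tail of the match, so keep everything before it
        text = pat.sub(lambda m: m.string[m.start():m.start(1)] + "[REDACTED]", text)
    return text


def audit_survey(status_line: str, headers: dict, body: str) -> SurveyAudit:
    """Decide whether a captured /survey reply shows the exposure the advisory describes."""
    findings = []
    unauth = is_unauthenticated(status_line, headers)
    if unauth:
        findings.append("/survey served with HTTP 200 and no authentication challenge")
    for name in SENSITIVE_FILES:
        if name in body:
            findings.append(f"response contains {name}")
    for kind, count in find_clear_text_secrets(body).items():
        findings.append(f"{count} clear-text {kind} value(s) in response")
    # exposed only when the page is open AND actually leaks file content or secrets
    leaks = len(findings) > (1 if unauth else 0)
    return SurveyAudit(exposed=unauth and leaks, findings=findings,
                       redacted_body=redact_secrets(body))


if __name__ == "__main__":
    audit = audit_survey(SAMPLE_STATUS, SAMPLE_HEADERS, SAMPLE_BODY)
    print("EXPOSED" if audit.exposed else "not exposed")
    for finding in audit.findings:
        print(" -", finding)
```

Run as-is to see the constructed case; for real use, feed `audit_survey` the status line, headers and body captured from your own server, and treat an `exposed` result as confirmation that the Web Agent must be disabled as the Solution section says. Only `redacted_body` belongs in the written report.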

Solution
--------
Compaq recommends that you disable the web agent
until a resolution has been provided.

Additional Information
----------------------
Many administrators install Compaq Web-Based Management
by default when they are installing Netware on a Compaq
machine. Web-Based Management listens on port 2301 and
anonymous access is allowed by default. iXsecurity has
to point out that none of our customers had changed
any Compaq user password until the first audit report
arrived.
Some Compaq installations have ports 49400 and 49401 open
too. These ports are not verified.

Vendor response
---------------
Mr. Vitek,

This is a known issue with an advisory available on the Compaq website as
indicated below:

http://www5.compaq.com/products/servers/management/security.html

Until a resolution has been provided, it would be recommended that you
disable the web agents as indicated in that advisory.

Thank You,
Compaq eServices
TRACKING NUMBER: A00000367277-00001144068
---------------

//Ian Vitek
mailto:ian.vitek@ixsecurity.com

-------------------------------
iXsecurity (formerly Infosec) is a Swedish and United
Kingdom based tigerteam that has worked with computer-
related security since 1982 and done technical security
audits (pentests) since 1996. iXsecurity is now searching
for co-workers in Sweden and the UK.
Call Stafferod for more information
tel: +46-8-6621070
mailto:christer.stafferod@ixsecurity.com