Compaq Web-enabled Management Software HTTP Server Arbitrary Traffic Proxy

This script is Copyright (C) 2002-2013 Digital Defense Inc.


Synopsis :

The remote web management agent can be abused to serve as a network
proxy.

Description :

The remote Compaq Web Management Agent install can be used as an HTTP
proxy. An attacker can use this to bypass firewall rules or hide the
source of web-based attacks.

See also :

http://h18000.www1.hp.com/products/servers/management/SSRT0758.html

Solution :

Due to the information leak associated with this service, you should
disable the Compaq Management Agent or filter access to TCP ports 2301
and 280.

If this service is required, contact the vendor for a software
update.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Web Servers

Nessus Plugin ID: 10963 (DDI_Compaq_Mgmt_Proxy.nasl)

Bugtraq ID:

CVE ID: CVE-2001-0374

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial