[Snort-sigs] Compaq Insight Management Agent
radamson at ...908...
Wed Aug 6 08:25:02 EDT 2003
Over the years it seems as though Compaq's Insight Mgmt has had several
vulnerabilities (and open ports that typically aren't well published).
Is anyone working on snort rules to detect this stuff?
> Compaq Insight Management Agent Format String Vulnerability
> READ ONLINE:
> Moderately critical
> DoS, System access
> From local network
> Compaq Insight Management Agent 5.x
> A vulnerability has been reported in Compaq Insight Management Agent,
> which may possibly allow malicious people to execute arbitrary code.
> The problem is that the Compaq Insight Management Agent doesn't
> handle long requests containing format specifiers.
> This has been reported to affect version 5.00H and possibly earlier
> Restrict access to the service so that only management systems can
More information about the Snort-sigs