OpenCVE

Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Compaq	Armada Insight Manager Enterprise Volume Manager-command Scripter Foundation Agents Insight Management Agent Insight Management Desktop Web Agent Insight Manager Lc Insight Manager Xe Intelligent Cluster Administrator Management Agents Open San Manager Sanworks Resource Monitor Storage Allocation Reporter Survey Utility System Healthcheck
Digital	Unix

Configuration 1 [-]

OR	cpe:2.3:a:compaq:armada_insight_manager:4.20:::::::*
	cpe:2.3:a:compaq:armada_insight_manager:4.20j:::::::*
	cpe:2.3:a:compaq:enterprise_volume_manager-command_scripter:1.0:::::::*
	cpe:2.3:a:compaq:enterprise_volume_manager-command_scripter:1.1:::::::*
	cpe:2.3:a:compaq:foundation_agents:1.0:::::::*
	cpe:2.3:a:compaq:foundation_agents:2.1:::::::*
	cpe:2.3:a:compaq:foundation_agents:4.0:::::::*
	cpe:2.3:a:compaq:foundation_agents:4.90:::::::*
	cpe:2.3:a:compaq:insight_management_agent:4.37e:::::::*
	cpe:2.3:a:compaq:insight_management_desktop_web_agent:3.7:::::::*
	cpe:2.3:a:compaq:insight_manager_lc:1.3c:::::::*
	cpe:2.3:a:compaq:insight_manager_lc:1.50a:::::::*
	cpe:2.3:a:compaq:insight_manager_xe:1.0:::::::*
	cpe:2.3:a:compaq:insight_manager_xe:1.21:::::::*
	cpe:2.3:a:compaq:intelligent_cluster_administrator:1.0:::::::*
	cpe:2.3:a:compaq:intelligent_cluster_administrator:2.1:::::::*
	cpe:2.3:a:compaq:management_agents:4.30j:::::::*
	cpe:2.3:a:compaq:management_agents:4.35j:::::::*
	cpe:2.3:a:compaq:management_agents:4.36e:::::::*
	cpe:2.3:a:compaq:management_agents:4.36j:::::::*
	cpe:2.3:a:compaq:open_san_manager:1.0:::::::*
	cpe:2.3:a:compaq:sanworks_resource_monitor:1.0:::::::*
	cpe:2.3:a:compaq:storage_allocation_reporter:1.0:::::::*
	cpe:2.3:a:compaq:survey_utility:2.17:::::::*
	cpe:2.3:a:compaq:survey_utility:2.18:::::::*
	cpe:2.3:a:compaq:survey_utility:2.33:::::::*
	cpe:2.3:a:compaq:system_healthcheck:3.0:::::::*

Configuration 2 [-]

OR	cpe:2.3:o:digital:unix:4.0f:::::::*
	cpe:2.3:o:digital:unix:4.0g:::::::*
	cpe:2.3:o:digital:unix:5.0:::::::*

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=97967435023835&w=2
http://www.securityfocus.com/bid/2200
http://www5.compaq.com/products/servers/management/agentsecurity.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2001-02-14T05:00:00

Updated: 2024-08-08T04:06:55.448Z

Reserved: 2001-02-06T00:00:00

Link: CVE-2001-0134

Vulnrichment

No data.

NVD

Status : Modified

Published: 2001-03-12T05:00:00.000

Modified: 2016-10-18T02:09:49.480

Link: CVE-2001-0134

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object