VID 29025
Severity 20
Port 2301
Protocol TCP
Class WWW
Detailed Description A Compaq Web-Based Enterprise Management (WBEM) server is detected. This web server enables remote attackers to gather sensitive information on the server, especially if anonymous access has been enabled.

Sensitive information includes: platform name and version (including service packs), installed hotfixes, running services, installed drivers, boot.ini content, registry settings, NetBIOS name, system root directory, administrator full name, CPU type, CPU speed, ROM versions and revisions, memory size, server recovery settings, and more.

* References:
http://cgi.nessus.org/plugins/dump.php3?id=10746
Recommendation If the web-enabled management agents are not needed, disable them. See the document "Disabling the Web-enabled Agents" at the following site for information on how to disable the web-enabled agents:
http://www.securiteam.com/securitynews/5SP0V005FW.html

-- AND --

If the Compaq WBEM web server allows anonymous access by remote users, disable anonymous access.

* Note: HP Compaq strongly recommends that web-enabled agents and utilities be deployed only on private networks and not be used on the open Internet or on systems outside the bounds of the firewall.