| VID |
29107 |
| Severity |
40 |
| Port |
2301,2381 |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Compaq Web-based Management server, according to its banner, has a buffer overflow vulnerability. HP Compaq HTTP Server versions 5.0 through 5.95 are vulnerable to a buffer overflow, caused improper bounds checking of user-supplied input. This vulnerability may be exploited by a remote attacker to corrupt process memory and ultimately have arbitrary supplied code executed in the context of the vulnerable process.
* Note: This check solely relied on the banner of the remote HTTP server to assess this vulnerability, so this might be a false positive.
* References:
http://www.securityfocus.com/advisories/8087
http://www.ciac.org/ciac/bulletins/p-141.shtml
http://www.securitytracker.com/alerts/2005/Feb/1013182.html
* Platforms Affected:
Hewlett-Packard Company, HP Compaq HTTP Server versions 5.0 through 5.95
Linux Any version
Microsoft Windows Any version |
| Recommendation |
For Microsoft Windows platforms:
Upgrade to the latest version of HP Compaq HTTP Server (5.96 or later), available from the HP Software and Drives Web page at http://h18023.www1.hp.com/support/files/Server/us/download/22192.html |
| Related URL |
(CVE) |
| Related URL |
12566 (SecurityFocus) |
| Related URL |
19345 (ISS) |
|
