Compaq Insight Manager is vulnerable to a simple Cross Site Scripting attack.
2301 is the port (2301/tcp) which the Insight Manager listens on, this could also be 49400/tcp or 2381/tcp.
This vulnerability could only be abused if an attacker learned the IP adresse or host name of a host running Insight Manager.
Solution: There is no easy workaround. However to keep your network secure, it is good practice to have dedicated network management stations which are NOT used to receive emails or surf the web, this combined with filtering on other network managed devices which restricts access to management tools to trusted management stations, would minimize the the risk of someone Cross Site Scripting your internal systems (or in other ways gaining access to "trusted" hosts).
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Compaq/HP Insight Manager Cross Site Scripting
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.