WEB-MISC Compaq web-based management agent denial of service attempt
|Alert||WEB-MISC Compaq web-based management agent denial of service attempt|
Compaq Web-Based Management Agent is used to perform remote system administration for Windows hosts. A vulnerability exists in the software when traffic is sent to access to Compaq Web-Based Management Agent that contains a malformed request, possibly causing the service to crash. URL requests that contain the characters "<!>" or "<!" followed by arguments followed by ">" cause the denial of service to occur. Note that the rule uses an initial keyword of "content" instead of "uricontent" since uricontent only examines web server ports identified in the pre-processor http_inspect in the configuration setup. Default configurations do not include port 2301 as a web server port, preventing the event from being generated.
Host running Compaq Web-Based Management Agent.
Denial of Service
An attacker can send a malformed request to the listening service, causing the system to crash.
Block inbound port 2301 traffic or restrict access to known authorized IP addresses.