From aldeid
Jump to navigation Jump to search

WEB-MISC Compaq web-based management agent denial of service attempt


Id 2394
Alert WEB-MISC Compaq web-based management agent denial of service attempt
Classification web-application-attack


Compaq Web-Based Management Agent is used to perform remote system administration for Windows hosts. A vulnerability exists in the software when traffic is sent to access to Compaq Web-Based Management Agent that contains a malformed request, possibly causing the service to crash. URL requests that contain the characters "<!>" or "<!" followed by arguments followed by ">" cause the denial of service to occur. Note that the rule uses an initial keyword of "content" instead of "uricontent" since uricontent only examines web server ports identified in the pre-processor http_inspect in the configuration setup. Default configurations do not include port 2301 as a web server port, preventing the event from being generated.

Affected systems

Host running Compaq Web-Based Management Agent.


Denial of Service

False positives

None known


An attacker can send a malformed request to the listening service, causing the system to crash.


This section/article is being written and is therefore not complete.
Thank you for your comprehension.

Corrective actions

Block inbound port 2301 traffic or restrict access to known authorized IP addresses.