Insight Management Agent
by Compaq
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-1209 | 0.10 | — | 0.87 | Aug 12, 2002 | The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6)… | |||
| CVE-2002-2422 | 0.03 | — | 0.03 | Dec 31, 2002 | Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 and 4.3.7 allows remote attackers to inject arbitrary web script or HTML via a URL, which inserts the script into the resulting error message. | |||
| CVE-1999-0771 | 0.03 | — | 0.06 | May 26, 1999 | The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack. | |||
| CVE-2001-0134 | 0.00 | — | 0.04 | Mar 12, 2001 | Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name. | |||
| CVE-1999-1355 | 0.00 | — | 0.02 | Dec 31, 1999 | BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and earlier, or Management Agents for Servers 4.40 and earlier, creates a PFCUser account with a default password and potentially dangerous privileges. | |||
| CVE-1999-1356 | 0.00 | — | 0.00 | Sep 2, 1999 | Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (LegalNoticeText) in Windows NT, which could produce a legal notice that is in violation of the security policy. | |||
| CVE-1999-0772 | 0.00 | — | 0.01 | Jun 1, 1999 | Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301. |
- CVE-2000-1209Aug 12, 2002risk 0.10cvss —epss 0.87
The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6)…
- CVE-2002-2422Dec 31, 2002risk 0.03cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 and 4.3.7 allows remote attackers to inject arbitrary web script or HTML via a URL, which inserts the script into the resulting error message.
- CVE-1999-0771May 26, 1999risk 0.03cvss —epss 0.06
The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack.
- CVE-2001-0134Mar 12, 2001risk 0.00cvss —epss 0.04
Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name.
- CVE-1999-1355Dec 31, 1999risk 0.00cvss —epss 0.02
BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and earlier, or Management Agents for Servers 4.40 and earlier, creates a PFCUser account with a default password and potentially dangerous privileges.
- CVE-1999-1356Sep 2, 1999risk 0.00cvss —epss 0.00
Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (LegalNoticeText) in Windows NT, which could produce a legal notice that is in violation of the security policy.
- CVE-1999-0772Jun 1, 1999risk 0.00cvss —epss 0.01
Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301.