SOFTPAQ NUMBER: SP16318

PART NUMBER: N/A

FILE NAME: SP16318.EXE

TITLE: Compaq Web-Enabled Management Software Security Patch

VERSION: 3.0

LANGUAGE: English

CATEGORY: Software Solutions

DIVISIONS: Systems

PRODUCTS AFFECTED: Compaq Insight Management Agents for Servers
                   Compaq Survey Utility
                   Compaq Power Management
                   Compaq Intelligent Cluster Administrator
                   Compaq Availability Agents
                   Compaq Insight Manager XE

OPERATING SYSTEM: Microsoft Windows NT 4.0 and Windows 2000

SYSTEM CONFIGURATION: N/A

PREREQUISITES: N/A

EFFECTIVE DATE: March 15, 2001

ELECTRONIC DISTRIBUTION ALLOWED: Yes

SOFTPAQ UTILITY VERSION: 4.0

SUPERSEDES: N/A

DESCRIPTION:
        This update fixes a potential security vulnerability in Compaq web-enabled
        management software. Compaq strongly recommends that you update your software
        as soon as possible.  Compaq management software running any Web Based
        Enterprise Management Agent or Utility that resides on port 2301 can act as
        generic proxy server. Internal traffic going out to the Internet can bypass a
        normal proxy server filtering by using TCP/IP port 2301 and external traffic
        may be able to infiltrate internal networks if there is no additional firewall
        protection.
        
        This batch file copies the files needed to fix a potential security issue
        in Compaq web-enabled management software.
        
        If running Compaq Insight Manager XE versions earlier than 2.0, then please
        upgrade it to versions 2.0 or greater.


HOW TO USE:
        Have all the associated files (see file list at the end of this text file) in
        a single directory on your hard drive.  From a DOS command shell change to
        that drive and directory and type:

        patchweb patch

        This will replace the necessary files.
   

HOW TO RESTORE YOUR ORIGINAL CONFIGURATION:
        To restore the original versions of the patched files type:

        patchweb restore


FILE LIST:
        sp16318.txt
        patchweb.bat
        findver.exe
        regtool.exe
        strexp.exe
        cpqhmmo.fre
        cpqlogin.frm
        Default.frm

Copyright 2001, Compaq Computer Corporation.  All rights reserved.

Product names mentioned herein may be trademarks and/or registered
trademarks of their respective companies