Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Dell OMI (Open Manage Instrumentation)

Dell OMI (Open Manage Instrumentation)

From: <nemo55_at_hushmail.com>
Date: Fri, 1 Jun 2001 13:54:44 -0800 (PDT)

First there was the Compaq 2301 hack...

I wonder if anyone has found any security holes in the DELL Open Manage
Client. We are a large DELL shop with many 95/98/NT/W2K machines that
have the DELL OMI client installed. There are several UDP/TCP ports open
at all times:

The ports and associated pgms are:
1037 tcp win32sl.exe
1039 tcp win32sl.exe

1026 udp dnar.exe
1038 udp win32sl.exe

Visiting the DELL web site shows a remote cmd program by the name of actionagent.exe

(http://docs.us.dell.com/docs/software/omci60/en/ug/comp.htm)

Since I did not find that pgm opening any ports on our NT servers, I
think (guess or hope ?) that no remote attack is possible.

But since the example of the COMPAQ 2301 hack - I wonder if there is
still a hack waiting to be found in the DELL OMI client.

anyone ?

thanks

Free, encrypted, secure Web-based email at www.hushmail.com

IMPORTANT NOTICE: If you are not using HushMail, this message could have been read easily by the many people who have access to your open personal email messages.
Get your FREE, totally secure email address at http://www.hushmail.com.
Received on Jun 02 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos