[原文]The HTTP server in Compaq web-enabled management software for (1) Foundation Agents, (2) Survey, (3) Power Manager, (4) Availability Agents, (5) Intelligent Cluster Administrator, and (6) Insight Manager can be used as a generic proxy server, which allows remote attackers to bypass access restrictions via the management port, 2301.
Compaq Web-enabled Management Software HTTP Server Arbitrary Traffic Proxy
The Compaq Web Management Agent (Insight Agent) can be used as an HTTP proxy, which lets an attacker 'tunnel' HTTP requests through the vulnerable host. This could potentially be used to bypass firewall or other network restrictions, or to mask the attacker's origins.
Due to the information leak associated with this service, we recommend that you disable the Compaq Management Agent or filter access to TCP port 2301 and 280. If this service is required, installing the appropriate upgrade from Compaq will fix this issue. The issue is referenced in Compaq security advisory SSRT0715.