Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2001-0134

Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name.

Security Impact Summary

CVE-2001-0134 is a security vulnerability that . Impacting 15 products from compaq, from compaq, from compaq and 12 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Originally identified in 2001, this vulnerability predates many modern security frameworks and practices. The vulnerability landscape of that era was characterized by different threat models and less mature defense mechanisms compared to contemporary standards.

Published

2001-03-12T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

10.0

Impact Score

10.0

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application compaq armada_insight_manager 4.20 Yes
Application compaq armada_insight_manager 4.20j Yes
Application compaq enterprise_volume_manager-command_scripter 1.0 Yes
Application compaq enterprise_volume_manager-command_scripter 1.1 Yes
Application compaq foundation_agents 1.0 Yes
Application compaq foundation_agents 2.1 Yes
Application compaq foundation_agents 4.0 Yes
Application compaq foundation_agents 4.90 Yes
Application compaq insight_management_agent 4.37e Yes
Application compaq insight_management_desktop_web_agent 3.7 Yes
Application compaq insight_manager_lc 1.3c Yes
Application compaq insight_manager_lc 1.50a Yes
Application compaq insight_manager_xe 1.0 Yes
Application compaq insight_manager_xe 1.21 Yes
Application compaq intelligent_cluster_administrator 1.0 Yes
Application compaq intelligent_cluster_administrator 2.1 Yes
Application compaq management_agents 4.30j Yes
Application compaq management_agents 4.35j Yes
Application compaq management_agents 4.36e Yes
Application compaq management_agents 4.36j Yes
Application compaq open_san_manager 1.0 Yes
Application compaq sanworks_resource_monitor 1.0 Yes
Application compaq storage_allocation_reporter 1.0 Yes
Application compaq survey_utility 2.17 Yes
Application compaq survey_utility 2.18 Yes
Application compaq survey_utility 2.33 Yes
Application compaq system_healthcheck 3.0 Yes
Operating System digital unix 4.0f Yes
Operating System digital unix 4.0g Yes
Operating System digital unix 5.0 Yes
References

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For compaq's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.