SOFTPAQ NUMBER : SP16317
PART NUMBER: N/A
FILE NAME: UPDTHMMO.BAT
TITLE:   Compaq Web-Enabled Management Agents Security Patch
VERSION: 3.0
LANGUAGE: English

CATEGORY: Software Solutions

DIVISIONS: Systems

PRODUCTS AFFECTED: Compaq Management Agents for NetWare

OPERATING SYSTEM: Novell NetWare 3.2x, NetWare 4.x, and NetWare 5.x.

SYSTEM CONFIGURATION:  N/A

PREREQUISITES:  N/A

EFFECTIVE DATE: mARCH 15, 2001

ELECTRONIC DISTRIBUTION ALLOWED:  Yes

SOFTPAQ UTILITY VERSION:  2.x

SUPERSEDES:  N/A

DESCRIPTION: This SoftPaq fixes a potential security vulnerability in Compaq 
web-enabled management software. Compaq strongly recommends that you update
your software as soon as possible. Compaq management software running any 
Web Based Enterprise Management Agent or Utility that resides on port 2301 
can act as generic proxy server. Internal traffic going out to the Internet
can bypass a normal proxy server filtering by using TCP/IP port 2301 and 
external traffic may be able to infiltrate internal networks if there is
no additional firewall protection. This affects the web component of the
affected products for the following versions:
  Compaq Management Agents version 4.23b to 4.90

HOW TO USE:

Have all the associated files in a single directory on your hard drive and 
perform the following steps:
   
  1. Use a Web Browser pointing to a server running the web enabled agents to
     identify your CPQHMMO.NLM version.  If CPQHMMO.NLM is 2.02b or greater
     then NO UPDATE IS NEEDED.

  2. Land the SoftPAQ onto a temporary subdirectory on a client and map a drive to
     the root of the SYS: volume of the target NetWare server (you must have
     supervisor rights).  Run the UPDTHMMO.BAT batch file passing the drive
     letter of the target server. For example: UPDTHMMO M:. This will back up the 
     current CPQHMMO.NLM as *.BK$ file and copy the 2.02b CPQHMMO.NLM onto the server.
  
  3. At a convenient time DOWN and RESTART your server.
     If you don't want to reboot the server, the following steps will need to be done:
      1). Type "unload cpqwebag".
      2). Type "modules cpqhmmo". If the cpqhmmo.nlm is not loaded, then you only need 
          to do step 4), skip 3) and 5). Otherwise, follow through the step 3), 4), and 5).
      3). Type "unload survey".
      4). Type "cpqsnmp" to load the WEBAGENT.NLM with the new CPQHMMO.NLM.
      5). Find the "load survey ..." line in your sys:/system/autoexec.ncf. Then go
          back to server console screen and type the exactly "load survey ..." with
          the -flags as in autoexec.ncf to load the Compaq Survey Utility.
      
  4. Use a Web Browser to verify functionality of new web agent update. 
  

HOW TO RESTORE YOUR ORIGINAL CONFIGURATION:

To restore the original version of the patched file, perform the following step:
  1. Run the RESTHMMO.BAT (passing the drive letter of the target server)
     to restore the configuration to its original state.


Copyright 2001, Compaq Computer Corporation.  All rights reserved.

Product names mentioned herein may be trademarks and/or registered
trademarks of their respective companies