SOFTPAQ NUMBER : SP17927
PART NUMBER: N/A
FILE NAME: UPDTHMMO.BAT
TITLE:   Compaq Web-Enabled Management Agents Security Patch
VERSION: 4.0
LANGUAGE: English

CATEGORY: Software Solutions

DIVISIONS: Systems

PRODUCTS AFFECTED: Compaq Management Agents for NetWare

OPERATING SYSTEM: Novell NetWare 4.x, and NetWare 5.x.

SYSTEM CONFIGURATION:  N/A

PREREQUISITES:  N/A

EFFECTIVE DATE: September 7, 2001

ELECTRONIC DISTRIBUTION ALLOWED:  Yes

SOFTPAQ UTILITY VERSION:  2.x

SUPERSEDES:  N/A

Description: This update fixes a potential security vulnerability in Compaq
web-enabled management software. This vulnerability has the potential to 
enable unauthorized users to execute code at an administrator level through
the exploitation of a buffer overflow. Compaq strongly recommends that you 
update your management software running any Web Based Enterprise Management 
Agent or Utility that resides on port 2301. This affects the web component 
of the affected products for the following versions:
  Compaq Management Agents version 4.23b to 5.10

This softpaq supports only Compaq Management Agents version 5.00 to 5.10.
If you are running Compaq Management Agents version prior to 5.00, please 
upgrade your Management Agents using 5.20 Compaq Management CD or download
the 5.20 Compaq Management Agents from Compaq Web site.

HOW TO USE:

Have all the associated files in a single directory on your hard drive and 
perform the following steps:
   
  1. Use a Web Browser pointing to a server running the web enabled agents to
     identify your CPQHMMO.NLM version.  If CPQHMMO.NLM is 3.06 or greater
     then NO UPDATE IS NEEDED.

  2. Land the SoftPAQ onto a temporary subdirectory on a client and map a drive to
     the root of the SYS: volume of the target NetWare server (you must have
     supervisor rights).  Run the UPDTHMMO.BAT batch file passing the drive
     letter of the target server. For example: UPDTHMMO M:. This will back up the 
     current CPQHMMO.NLM as *.BK$ file and copy the 3.06 CPQHMMO.NLM onto the server.
  
  3. At a convenient time DOWN and RESTART your server.
     If you don't want to reboot the server, the following steps will need to be done:
      1). Type "unload cpqwebag".
      2). Type "cpqsnmp" to load the CPQWEBAG.NLM with the new CPQHMMO.NLM.
      
  4. Use a Web Browser to verify functionality of new web agent update. 
  

HOW TO RESTORE YOUR ORIGINAL CONFIGURATION:

To restore the original version of the patched file, perform the following step:
  1. Run the RESTHMMO.BAT (passing the drive letter of the target server)
     to restore the configuration to its original state.


Copyright 2001, Compaq Computer Corporation.  All rights reserved.

Product names mentioned herein may be trademarks and/or registered
trademarks of their respective companies