Denial of Service Condition in Compaq Presario Personal Computers

Reported April 11, 2001, by Compaq.



  • Compaq Presario PCs running Windows Millennium Edition (Me) and Windows 98


Compaq provides customer support features through its Knowledge Center and Back Web components for its Presario PCs running Windows Millennium Edition (Me) and Windows 98. Users use ActiveX to implement some of Presario's custom support features. By utilizing the ActiveX control function LogDataListToFile, a malicious attacker can use a Web page to write a specified file to the system's hard drive, creating a potential Denial of Service (DoS) vulnerability. The intruder can't modify the content of the file, but can access the hardware and software configuration information.




The vendor, Compaq Computer Corporation, has released Softpaq 16629 to correct this vulnerability.



Discovered by Compaq.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.