IIS and Frontpage Extensions Vulnerability.
From: Kim, Cameron (CKim@bigscreen.mea.com)Date: 08/28/02
- Previous message: Josh B: "RE: SecureIIS"
- Next in thread: Ivan Hernandez: "Re: IIS and Frontpage Extensions Vulnerability."
- Reply: Ivan Hernandez: "Re: IIS and Frontpage Extensions Vulnerability."
- Reply: Kim, Cameron: "RE: IIS and Frontpage Extensions Vulnerability."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Kim, Cameron" <CKim@bigscreen.mea.com> To: "'focus-ms@securityfocus.com'" <focus-ms@securityfocus.com> Date: Tue, 27 Aug 2002 16:16:27 -0700
Guys,
I have a question regarding IIS 5.0 running on win2k server sp2. (frontpage
extensions not installed)
My Web Admin is a bit concerned because he has been trying to delete
htimage.exe and imagemap.exe but stubborn windows file protection continues
to replace it. He feels that the following vulnerabilities
(http://online.securityfocus.com/bid/964
<http://online.securityfocus.com/bid/964> )
and
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/fq00-028.asp
<http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security
/bulletin/fq00-028.asp> are still present, even though they are not
directly mentioned in the security bulletin.(given that the bulletin is over
2 years old)
Is his concern warranted? Or has one of the service packs fixed this issue?
I am looking for some written proof pointing to the fact that this
vulnerability doesn't exists anymore. Thanks.
Cameron Kim
Mitsubishi Digital Electronics America
- Previous message: Josh B: "RE: SecureIIS"
- Next in thread: Ivan Hernandez: "Re: IIS and Frontpage Extensions Vulnerability."
- Reply: Ivan Hernandez: "Re: IIS and Frontpage Extensions Vulnerability."
- Reply: Kim, Cameron: "RE: IIS and Frontpage Extensions Vulnerability."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
