Re: IIS and Frontpage Extensions Vulnerability.

From: Ivan Hernandez (ivan.hernandez@globalsis.com.ar)
Date: 08/28/02


Date: Wed, 28 Aug 2002 14:48:02 -0300
From: Ivan Hernandez <ivan.hernandez@globalsis.com.ar>
To: "Kim, Cameron" <CKim@bigscreen.mea.com>

You can delete both files deleting the file protection cache at
\winnt\system32\dllcache (hidden dir)
Ivan Hernandez

Kim, Cameron wrote:

>Guys,
>
>I have a question regarding IIS 5.0 running on win2k server sp2. (frontpage
>extensions not installed)
>
>My Web Admin is a bit concerned because he has been trying to delete
>htimage.exe and imagemap.exe but stubborn windows file protection continues
>to replace it. He feels that the following vulnerabilities
>(http://online.securityfocus.com/bid/964
><http://online.securityfocus.com/bid/964> )
> and
>http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
>bulletin/fq00-028.asp
><http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security
>/bulletin/fq00-028.asp> are still present, even though they are not
>directly mentioned in the security bulletin.(given that the bulletin is over
>2 years old)
>
>Is his concern warranted? Or has one of the service packs fixed this issue?
>I am looking for some written proof pointing to the fact that this
>vulnerability doesn't exists anymore. Thanks.
>
>
>
>Cameron Kim
>Mitsubishi Digital Electronics America
>
>