Re: IIS and Frontpage Extensions Vulnerability.
From: Ken Schaefer (ken@adOpenStatic.com)Date: 08/29/02
- Previous message: Marc Maiffret: "RE: SecureIIS"
- In reply to: Ivan Hernandez: "Re: IIS and Frontpage Extensions Vulnerability."
- Next in thread: Brett Moore: "RE: IIS and Frontpage Extensions Vulnerability."
- Reply: Brett Moore: "RE: IIS and Frontpage Extensions Vulnerability."
- Reply: M. Burnett: "Re: IIS and Frontpage Extensions Vulnerability."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Ken Schaefer" <ken@adOpenStatic.com> To: <focus-ms@securityfocus.com> Date: Thu, 29 Aug 2002 17:34:37 +1000
Additionally,
You could:
a) change the NTFS permissions on those files
b) you could change the IIS permissions so that "Execute" is not allowed
etc
As well the bulletin only mentions FPSE97 and FPSE98 as vulnerable...
Since Win2k ships with FPSE2000 you shouldn't have a problem. Please see:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
current.asp?productid=112&servicepackid=146&submit1=go&isie=yes
(lists no bulletins that for FPSE2000)
Cheers
Ken
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: "Ivan Hernandez" <ivan.hernandez@globalsis.com.ar>
Sent: Thursday, August 29, 2002 3:48 AM
Subject: Re: IIS and Frontpage Extensions Vulnerability.
: You can delete both files deleting the file protection cache at
: \winnt\system32\dllcache (hidden dir)
: Ivan Hernandez
:
: Kim, Cameron wrote:
:
: >Guys,
: >
: >I have a question regarding IIS 5.0 running on win2k server sp2.
(frontpage
: >extensions not installed)
: >
: >My Web Admin is a bit concerned because he has been trying to delete
: >htimage.exe and imagemap.exe but stubborn windows file protection
continues
: >to replace it. He feels that the following vulnerabilities
: >(http://online.securityfocus.com/bid/964
: ><http://online.securityfocus.com/bid/964> )
: > and
:
>http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security
/
: >bulletin/fq00-028.asp
:
><http://www.microsoft.com/technet/treeview/default.asp?url=/technet/securit
y
: >/bulletin/fq00-028.asp> are still present, even though they are not
: >directly mentioned in the security bulletin.(given that the bulletin is
over
: >2 years old)
: >
: >Is his concern warranted? Or has one of the service packs fixed this
issue?
: >I am looking for some written proof pointing to the fact that this
: >vulnerability doesn't exists anymore. Thanks.
: >
: >
: >
: >Cameron Kim
: >Mitsubishi Digital Electronics America
- Previous message: Marc Maiffret: "RE: SecureIIS"
- In reply to: Ivan Hernandez: "Re: IIS and Frontpage Extensions Vulnerability."
- Next in thread: Brett Moore: "RE: IIS and Frontpage Extensions Vulnerability."
- Reply: Brett Moore: "RE: IIS and Frontpage Extensions Vulnerability."
- Reply: M. Burnett: "Re: IIS and Frontpage Extensions Vulnerability."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
