Re: IIS and Frontpage Extensions Vulnerability.
From: M. Burnett (mburnett@xato.net)Date: 08/29/02
- Previous message: sn0rt_y@hotmail.com: "Windows 2000 Application log corruption"
- In reply to: Ken Schaefer: "Re: IIS and Frontpage Extensions Vulnerability."
- Next in thread: Kim, Cameron: "RE: IIS and Frontpage Extensions Vulnerability."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "M. Burnett" <mburnett@xato.net> To: <ken@adOpenStatic.com>, <focus-ms@securityfocus.com> Date: Thu, 29 Aug 2002 11:03:12 -0600
You cannot use the TechNet security bulletin search for FrontPage
stuff. Its just not accurate. Sometimes FrontPage fixes are
classified under FrontPage, sometimes under IIS, and sometimes under
Windows 2000. Sometimes they are patched with their own service pack
(which are not listed at the TechNet security site). Sometimes they
are included in the win2k services packs and security roll-ups and
sometimes they are not. Oh and sometimes they are updated with
service packs of other products, such as MS Office.
Mark Burnett
iissecurity.net
------------------------------------------------------
Try Pafwert, a free random password generator. Creates strong
passwords that are easy to remember:
http://www.iissecurity.net/pafwert
<a href="http://www.iissecurity.net/pafwert">Pafwert</a>
On Thu, 29 Aug 2002 17:34:37 +1000, Ken Schaefer wrote:
>Additionally,
>
>You could: a) change the NTFS permissions on those files b) you
>could change the IIS permissions so that "Execute" is not allowed
>etc
>
>As well the bulletin only mentions FPSE97 and FPSE98 as
>vulnerable...
>
>Since Win2k ships with FPSE2000 you shouldn't have a problem. Please
>see:
>http://www.microsoft.com/technet/treeview/default.asp?url=/technet/se
>curity/
>current.asp?productid=112&servicepackid=146&submit1=go&isie=yes
>(lists no bulletins that for FPSE2000)
>
>Cheers Ken
>
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From: "Ivan Hernandez"
><ivan.hernandez@globalsis.com.ar> Sent: Thursday, August 29, 2002
>3:48 AM Subject: Re: IIS and Frontpage Extensions Vulnerability.
>
>
>: You can delete both files deleting the file protection cache at :
>\winnt\system32\dllcache (hidden dir) : Ivan Hernandez : : Kim,
>Cameron wrote: : : >Guys, : > : >I have a question regarding IIS 5.0
>running on win2k server sp2.
>(frontpage : >extensions not installed) : > : >My Web Admin is a bit
>concerned because he has been trying to delete : >htimage.exe and
>imagemap.exe but stubborn windows file protection continues : >to
>replace it. He feels that the following vulnerabilities :
>>(http://online.securityfocus.com/bid/964 :
>><http://online.securityfocus.com/bid/964> ) : > and :
>>
>>http://www.microsoft.com/technet/treeview/default.asp?url=/technet/s
>>ecurity
>/ : >bulletin/fq00-028.asp :
>>
>><http://www.microsoft.com/technet/treeview/default.asp?url=/technet/
>>securit
>y : >/bulletin/fq00-028.asp> are still present, even though they
>are not : >directly mentioned in the security bulletin.(given that
>the bulletin is over : >2 years old) : > : >Is his concern
>warranted? Or has one of the service packs fixed this issue?
>: >I am looking for some written proof pointing to the fact that
>this : >vulnerability doesn't exists anymore. Thanks.
>: > : > : > : >Cameron Kim : >Mitsubishi Digital Electronics America
>
- Previous message: sn0rt_y@hotmail.com: "Windows 2000 Application log corruption"
- In reply to: Ken Schaefer: "Re: IIS and Frontpage Extensions Vulnerability."
- Next in thread: Kim, Cameron: "RE: IIS and Frontpage Extensions Vulnerability."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
