|Title:||Microsoft Frontpage dvwssr.dll backdoor|
|Summary:||Checks for the presence of /_vti_bin/_vti_aut/dvwssr.dll|
The dll '/_vti_bin/_vti_aut/dvwssr.dll' seems to be present.
This dll contains a bug which allows anyone with
authoring web permissions on this system to alter
the files of other users.
In addition to this, this file is subject to a buffer overflow
which allows anyone to execute arbitrary commands on the
server and/or disable it
Solution : delete /_vti_bin/_vti_aut/dvwssr.dll
Risk factor : High
See also : http://www.wiretrip.net/rfp/p/doc.asp?id=45&iface=1
BugTraq ID: 1109|
Common Vulnerability Exposure (CVE) ID: CVE-2000-0260
Microsoft Security Bulletin: MS00-025
|Copyright||This script is Copyright (C) 2000 Renaud Deraison|
|This is only one of 58962 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.