Family: Web Servers --> Category: infos
Microsoft Frontpage dvwssr.dll backdoor Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of /_vti_bin/_vti_aut/dvwssr.dll
Detailed Explanation for this Vulnerability Test
The dll '/_vti_bin/_vti_aut/dvwssr.dll' seems to be present.
This dll contains a bug which allows anyone with
authoring web permissions on this system to alter
the files of other users.
In addition to this, this file is subject to a buffer overflow
which allows anyone to execute arbitrary commands on the
server and/or disable it
Solution : delete /_vti_bin/_vti_aut/dvwssr.dll
Threat Level: High
See also : http://www.wiretrip.net/rfp/p/doc.asp?id=45&iface=1
Click HERE for more information and discussions on this network vulnerability scan.