I re-scanned the box, and this time it did not report the presence of this .dll
~doug -----Original Message----- From: Schmidt, Doug [mailto:[EMAIL PROTECTED] Sent: Monday, March 31, 2003 1:26 PM To: '[EMAIL PROTECTED]' Subject: Plugin ID: 10369 (Bug?) Im running Nessus 2.0.1 on RedHat 8.0 with plugin updates from today. I have built a new Windows 2000 box running Dell OpenManage 3.2.3 Port 1311 is the web interface for openmanage. After a scan I get: Plugin ID: 10369 'Microsoft Frontpage dvwssr.dll backdoor' unknown (1311/tcp) The dll '/_vti_bin/_vti_aut/dvwssr.dll' seems to be present. This dll contains a bug which allows anyone with authoring web permissions on this system to alter the files of other users. In addition to this, this file is subject to a buffer overflow which allows anyone to execute arbitrary commands on the server and/or disable it Solution : delete /_vti_bin/_vti_aut/dvwssr.dll Risk factor : High See also : http://www.wiretrip.net/rfp/p/doc.asp?id=45&iface=1 CVE : CVE-2000-0260 BID : 1109 After investigating, this file is not present on the box, nor is the directory it refers to. ~doug ****CONFIDENTIALITY NOTICE**** The Information in this email and any attachments are confidential and intended to be reviewed by only the individual or organization named above. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system. Thank You. ****CONFIDENTIALITY NOTICE**** The Information in this email and any attachments are confidential and intended to be reviewed by only the individual or organization named above. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system. Thank You.
