Home page logo
/

bugtraq logo Bugtraq mailing list archives

More Microsoft debri
From: lev () APPLE COM (Lloyd Vancil)
Date: Thu, 23 Apr 1998 08:36:02 -0700


Looking at my Netscape error log on my web servers recently I have found
several entries that look like this:

[08/Apr/1998:08:07:07] config: for host *blah* trying to POST
/_vti_bin/shtml.exe/_vti_rpc, handle-processed reports: no way to service
request for /_vti_bin/shtml.exe/_vti_rpc

Host name removed to protect the -apparently- innocent


The file being posted here is the M$ control file  for servers managed by
"FrontPage."

In the beginning I thought these were all attempts to "take over" my
server
by placing a hacked version of the software in my server.  Since we don't
run NT or 95, for obvious reasons, I was somewhat surprised by the
frequency of such brain dead attacks and even more surprised that it
might work.

Recently I have learned that the M$ software itself attempts to POST to
this file if you attempt to "verify off site links" on a server managed
by this software.

IN-other-words, every time you attempt to verify links to other servers
on your M$ managed
http server, that server will ASSUME that every one is a M$ managed
server and add yet another error entry to their error file.


I have notified M$   -as expected No response-



         lev@    _/_/_/_/  _/_/_/_/  _/_/_/_/  _/      _/_/_/
searchmaster@   _/    _/  _/    _/  _/    _/  _/      _/
               _/    _/  _/_/_/_/  _/_/_/_/  _/      _/_/_/    .com
              _/_/_/_/  _/        _/        _/      _/
             _/    _/  _/        _/        _/_/_/  _/_/_/



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault