home *** CD-ROM | disk | FTP | other *** search
- PWD's (other)
-
- Vulnerability in FrontPage Server Extensions
-
- SYSTEMS AFFECTED
- Systems (NT/Unix) running Microsoft FrontPage Server Extensions.
-
- PROBLEM
- The well publicized misconfiguration of FrontPage Password files has
- lead to many people finally fixing their systems. However, some systems
- are not fully protected. It seems that most System Administrators may
- search their system for Service.pwd files and then repair the permissions
- on these files to prevent possibly system intrusion. Other PWD files are
- now known to still be misconfigured and allow possibly intruders to
- extract the password file and crack the DES encryption.
-
- IMPACT
- The extraction and cracking of these password files could lead to your
- website being compromised. If the same password is also used as your
- system login, then your your network could possibly be at risk as well.
-
- EXPLOIT
- Some of the new PWD files to look for are:
-
- Administrator.pwd
- Administrators.pwd
- Authors.pwd
- Users.pwdthese files.
-
- To find and extract these files, several methods could be used:
-
- Use a browser to directly goto the following URL:
- http://www.victim.com/_vti_pvt/(filename).pwd
- Variants of the URL could also include Sub web names or User names.
-
- Using common search engines could also locate these files. FTP Search
- Engines are very effective for pinpointing the existance of these files.
-
- SOLUTION
- Place the proper security permissions on ALL pwd files on your server.
-
- The contents of this advisory are Copyright (c) 1998 the Rhino9 security
- research team, this document may be distributed freely, as long as
- proper credit is given.
-
-