Hi all, I did a scan on one of my servers and I found that it had a vulnerability.
Now I have had a look at the server and found that it has version 1.4, so it should be vulnerable. Only thing is, I don’t think that there are any public exploits or anything available for this particular vulnerability. So my question is, what is my next step? Could someone point me in the right direction?

Code:
mod_frontpage installed

The remote host is using the Apache mod_frontpage module.

mod_frontpage older than 1.6.1 is vulnerable to a buffer
overflow which may allow an attacker to gain root access.

*** Since Nessus was not able to remotely determine the version
*** of mod_frontage you are running, you are advised to manually
*** check which version you are running as this might be a false
*** positive.

If you want the remote server to be remotely secure, we advise
you do not use this module at all.

Solution : Disable this module
Risk factor : High
CVE : CVE-2002-0427
BID : 4251
Nessus ID : 11303
Upgrade it.
Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69
The server isn't really accessible to the “outside” world… I have to create a VPN tunnel into the network to access it… it’s a server I have at home that I use for testing and such… so I am not too worried about the vulnerability being there, I thought it would be a good sort of lesson… well, a sort of real-world example…
The thing I love the most about Linux and Unix is the crystal clear error messages it gives.
Example of Windows error message: ERROR 557.8 << WTF does that mean

Example of Linux error message:

If you want the remote server to be remotely secure, we advise
you do not use this module at all.

Not only is there an error, it clearly says: Solution : Disable this module

It seems to me you are fishing for someone to help you with an exploit, which I don't think is going to happen. This type of social engineering is pretty lame.
You asked:

Quote:
So my question is, what is my next step? Could someone point me in the right direction?

You were told by Nessus:

Quote:
If you want the remote server to be remotely secure, we advise
you do not use this module at all.
Solution : Disable this module
Risk factor : High

And you were told by barry:

Quote:
Upgrade it.

Did you do these things? NO, instead you said:

Quote:
The server isn't really accessible to the “outside” world… I have to create a VPN tunnel into the network to access it… it’s a server I have at home that I use for testing and such… so I am not too worried about the vulnerability being there, I thought it would be a good sort of lesson… well, a sort of real-world example…

It seems to me if you were truly conducting testing you would have provided info like this in the beginning and I may have believed you.
To be honest, I didn't see how it would have been relevant...
Well, guess I know for next time to be more descriptive in my initial post from now on!