| Syhunt TS Scanner Report |
|
Syhunt TS Security Scanner report for - (172.17.0.6) Date: 06/09/2004 3:58:06 PM Scan Rule: Normal
|
| 172.17.0.6 |
|
Host name: - Port: 80 Server: Welcome to Snoopy, Behave! Server may have HTTP vulnerabilities/exposures 7 item(s) |
| Common Directory Checking Test |
|
Risk Level: Low Location: Tip from the SANS/FBI Top 20 - Configure your web server to use CGI alerting scripts for Error Responses. WebAdmins need to keep tabs on all of these security related issues with their web servers. To assist with this monitoring, the web server should be configured to use custom CGI error response pages for server response codes 401, 403, 413 and 500. The error pages are PERL CGI scripts that are initiated every time the server issues either of these response codes. These scripts accomplish many important tasks including issuing an html warning banner to the client and immediately sending an e-mail notification to the WebAdmin. The e-mail message automates the process of manually collecting security related session information from the web server access and error logs for the request. |
| FrontPage CGI Vulnerability/Exposure |
|
Risk Level: Medium Location: Some versions or configurations of this item have known security problems. If you are not running the latest version, we highly recommend upgrading to the latest version or applying patches. If you are not able to perform the steps above, you should try to remove or disable it. |
| FrontPage CGI Vulnerability/Exposure |
|
Risk Level: Medium Location: Some versions or configurations of this item have known security problems. If you are not running the latest version, we highly recommend upgrading to the latest version or applying patches. If you are not able to perform the steps above, you should try to remove or disable it. |
| IIS 4.0 fpcount.exe Buffer Overflow Vulnerability |
|
CVE: CAN-1999-1376 Risk Level: High Location: This vulnerability may allow remote attackers to execute arbitrary commands. |
| IIS 4.0 fpcount.exe Buffer Overflow Vulnerability |
|
CVE: CAN-1999-1376 Risk Level: High Location: This vulnerability may allow remote attackers to execute arbitrary commands. |
| IIS 4.0 fpcount.exe Buffer Overflow Vulnerability |
|
CVE: CAN-1999-1376 Risk Level: High Location: This vulnerability may allow remote attackers to execute arbitrary commands. |
| Microsoft FrontPage Server Extensions MS-DOS Device Name DoS Vulnerability |
|
CVE: CVE-2000-0709 Risk Level: Medium Location: This vulnerability may allow remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name. |
| v6.7 (Build 96). DB v67951 - 05/02/2004 |