[14626] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: More vulnerabilities in FP

daemon@ATHENA.MIT.EDU (Ron van Daal)
Mon Apr 24 12:04:17 2000

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.LNX.4.10.10004221206440.32105-100000@server.syntonic.net>
Date:         Sat, 22 Apr 2000 12:41:26 +0200
Reply-To: Ron van Daal <ronvdaal@SYNTONIC.NET>
From: Ron van Daal <ronvdaal@SYNTONIC.NET>
X-To:         BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <004c01bfa9f7$f7626420$010aa8c0@farside.net>

> To test this vulnerability we need "htimage.exe" in our "cgi-bin"
> directory (it's installed by default) and premission to execute it.
> That's why only Windows is vulnerable, Unix to execute "htimage.exe" +
> If "htimage.exe" exist). based systems can't execute "*.exe" files.

Incorrect. The FrontPage98 server extensions for Linux contains several
*.exe files, which are 32-bit ELF executables. The Linux port of the FP98
server extensions isn't vulnerable, because of the missing htimage.exe.

Regards,

Ron van Daal | Syntonic Internet | The Netherlands


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[14626] in bugtraq

Re: More vulnerabilities in FP

daemon@ATHENA.MIT.EDU (Ron van Daal)Mon Apr 24 12:04:17 2000

daemon@ATHENA.MIT.EDU (Ron van Daal)
Mon Apr 24 12:04:17 2000