Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:FRONTPAGE:ADMIN.PWD-REQ

Severity

 Medium

Recommended

 No

Category

 HTTP

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Frontpage: administrators.pwd File Request


This signature detects attempts to access the Microsoft FrontPage Extensions for UNIX .pwd file that contains sensitive account information.

Extended Description

Unspecified versions of Frontpage extensions for unix have been reported to create a readable (and occasionally writable) file called "services.pwd" which contains encrypted password and account information. These appear to be created in various directories and have been reportedly found by "find / -name service.pwd -print". Additionally, it is reported that unspecified versions of Frontpage Extensions create a file "/_vti_pvt/administrators.pwd" which often has improper permissions set. This can be retrieved remotely via the URL "http://www.yourhost.com/_vti_pvt/administrators.pwd". Version information and verification of these issues could not be obtained.

Affected Products

  • Microsoft FrontPage 1.1
  • Microsoft FrontPage 98 Server Extensions for IIS

References

  • BugTraq: 1205

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out