mod_frontpage vulnerability?
Peter Brezny
pbrezny at purplecat.net
Sat Jan 3 20:56:04 PST 2004
Greetings,
I wanted to know if any of you have experienced recent problems running
mod_frontpage.
Last week, one of the systems I am running mod_front page on stopped
allowing front page logins.
I wasn't able to pinpoint the problem, however, re-installing mod_frontpage
fixed the problem.
I'm running a fairly current build:
4.8-RELEASE-p14 #9: Wed Dec 31 17:15:23 EST 2003
Apache/1.3.28 (Unix) mod_perl/1.27 FrontPage/5.0.2.2623 PHP/4.3.4RC1
mod_ssl/
2.8.15 OpenSSL/0.9.7a
I get a lot of error messages in the primary httpd_error.log:
[2004-01-03 23:24:46]: uid: (nobody/nobody) gid: (nobody/nobody) cmd:
/_vti_bin/fpcount.exe
If anyone's got some insight on what may be going on, or tips for further
securing mod_front page, I'd be grateful.
TIA
pb
Peter Brezny
purplecat.net
More information about the freebsd-isp
mailing list