Hi Folks, I scanned a host today, and some problems that Nessus reports have already been fixed following the "Solution", but Nessus still insists on reporting them!
The error is:

The IIS server appears to have the .SHTML ISAPI filter mapped.

At least one remote vulnerability has been discovered for the .SHTML filter. This is detailed in Microsoft Advisory MS02-018 and results in a denial of service access to the web server.

It is recommended that even if you have patched this vulnerability that you unmap the .SHTML extension, and any other unused ISAPI extensions if they are not required for the operation of your site.

An attacker may use this flaw to prevent the remote service from working properly.

*** Nessus reports this vulnerability using only
*** information that was gatherered. Use caution
*** when testing without safe checks enabled

Solution: See http://www.microsoft.com/technet/security/bulletin/ms02-018.asp and/or unmap the shtml/shtm isapi filters.

To unmap the .shtml extension:
1.Open Internet Services Manager.
2.Right-click the Web server choose Properties from the context menu.
3.Master Properties
4.Select WWW Service -> Edit -> HomeDirectory -> Configuration and remove the reference to .shtml/shtm and sht from the list.

Risk factor : Medium
CVE : CAN-2002-0072

Is it a false positive????

Obrigado / Regards

/*
 * Thiago Canozzo Lahr
 * I/T Security Brazil .:. IBM Global Services
 * Email: [EMAIL PROTECTED]
 * T/L: 6839-7091 .:. Phone: +55 19 3887-7091
 */
