[Phpwm] mod_frontpage

Lester Caine lester at lsces.co.uk
Fri Feb 8 11:36:21 GMT 2008

Phil Beynon wrote:
> Hi Andy,
> I didn't know you were on here mate!
> It is actually disabled on the Raq, in that it's deactivated within the GUI
> etc, however what I am doing is the Security Metrics credit card merchant
> compliance testing and somehow it's seeing the module is there and
> potentially available and is coming back with;
> The remote host is using the Apache mod_frontpage module. mod_frontpage
> older than 1.6.1 is vulnerable to a buffer overflow which may allow an
> attacker to gain root access. *** Since SMetrics was not able to remotely
> determine the version *** of mod_frontage you are running, you are advised
> to manually *** check which version you are running as this might be a false
> *** positive. If you want the remote server to be remotely secure, we advise
> you do not use this module at all. Solution: Disable this module Risk
> Factor: High CVE : CVE-2002-0427 BID : 425
> It's really just about the only thing that's giving grief on this now, apart
> from tweaking the PHP and MySQL versions to the latest - I've even managed
> to update BIND and stop the DNS recursion lookups.

If you don't actually need mod_frontpage then just delete it?
I can't even see a copy of it on any of my installations and if it's not able 
to load it, then you should be able to find the entry to delete in the config 

Lester Caine - G8HFL
Contact - http://home.lsces.co.uk/lsces/wiki/?page=contact
L.S.Caine Electronic Services - http://home.lsces.co.uk
MEDW - http://home.lsces.co.uk/ModelEngineersDigitalWorkshop/
Firebird - http://www.firebirdsql.org/index.php
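
One way to do the config check suggested in the reply above, as an added example that is not part of the original thread: it lists the live `LoadModule`/`AddModule` entries for mod_frontpage in an Apache config, skipping commented-out lines and reporting any enclosing `<If...>` section. The function names and the sample config are constructed for illustration, Apache 1.3-style directives are assumed, and `Include`d files are not followed.

```python
import re

# Constructed sample in Apache 1.3 style; not taken from the poster's server.
SAMPLE_CONF = """\
# LoadModule frontpage_module modules/mod_frontpage.so
LoadModule php4_module modules/libphp4.so
<IfDefine HAVE_FRONTPAGE>
loadmodule frontpage_module \\
    modules/mod_frontpage.so
</IfDefine>
ClearModuleList
AddModule mod_php4.c
AddModule mod_frontpage.c
"""

DIRECTIVE = re.compile(r"^(LoadModule|AddModule)\s+(.+)$", re.IGNORECASE)
SECTION_OPEN = re.compile(r"^<\s*(If\w+[^>]*)>", re.IGNORECASE)
SECTION_CLOSE = re.compile(r"^</\s*If\w+\s*>", re.IGNORECASE)


def logical_lines(text):
    """Yield (first_line_number, text) with backslash continuations joined."""
    buf, start = "", None
    for num, raw in enumerate(text.splitlines(), 1):
        start = num if start is None else start
        if raw.rstrip().endswith("\\"):
            buf += raw.rstrip()[:-1] + " "
            continue
        yield start, (buf + raw).strip()
        buf, start = "", None
    if buf:
        yield start, buf.strip()


def find_frontpage(text):
    """Return (line, directive, enclosing <If...> sections) for live entries."""
    hits, stack = [], []
    for num, line in logical_lines(text):
        if not line or line.startswith("#"):
            continue  # blank or commented out: Apache ignores it
        opened = SECTION_OPEN.match(line)
        if opened:
            stack.append(opened.group(1).strip())
        elif SECTION_CLOSE.match(line) and stack:
            stack.pop()
        else:
            found = DIRECTIVE.match(line)
            if found and "frontpage" in found.group(2).lower():
                hits.append((num, " ".join(line.split()), tuple(stack)))
    return hits
```

An entry reported with an enclosing section is only loaded when that condition holds at startup, so it still needs removing if the module is not wanted.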
