Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:1818 |
Message | WEB-IIS MS Site Server admin attempt |
Summary | This event is generated when an attempt is made to access files associated with Microsoft Site Server. |
Impact | Information gathering. This attack may permit leaking of information associated with particular Site Server files. |
Detailed Information | Microsoft Site Server is software for Windows NT servers that allows users to publish, find, and share information. There is a vulnerability that allows leaking of information of some Site Server files when an attacker logs on with the username of 'LDAP_AnonymousUser' and a password of 'LdapPassword_1'. |
Affected Systems | Microsoft Site Server 3.0 |
Attack Scenarios | An attacker can log on to Site Server using a default username and password to view Site Server files. |
Ease of Attack | Simple. |
Corrective Action | Apply Service Pack 4. |
Additional References | Nessus http://cgi.nessus.org/plugins/dump.php3?id=11018 |
Rule References | nessus: 11018 |
--
DID:794004
--
http://www.aanval.com/