Bugtraq mailing list archives
Program and Source for Removal of IDA/IDQ Script Mappings (in response to Red Code Worm)
From: "Critical Watch Bugtraqqer" <bugtraq () criticalwatch com>
Date: Fri, 20 Jul 2001 15:35:39 -0500
Hello everyone This is in response to the sheer numbers of web server that got pummeled by this new worm. While many people and firms created exploit/checks/Advisories for this Dangerous exploit, we have yet to see a "helping hand" program...until now! Having previously worked at a site with a huge server farm I experienced how painful it can be to go to 175 machines to install a single hot fix. This program will allow you to sit at your desk and simply yank the script mappings from the web server altogether and eliminate some 6 or so vulnerabilities that are associated with Index Services. This is a very simple program that you can use to remove the .IDA and .IDQ script mappings from the root of a web server and from all its sub-web sites. We have included the source code as well as the setup packages. (the metautil.dll has to get installed) for your perusal. You may retrieve the 1.43 meg download from our web site at http://www.criticalwatch.com/downloads/IDA_ScriptRemoval_Util.zip Nelson Bunker, CISSP V.P. of Security Critical Watch
Current thread:
- Program and Source for Removal of IDA/IDQ Script Mappings (in response to Red Code Worm) Critical Watch Bugtraqqer (Jul 20)