Penetration Testing mailing list archives

Pen Test help

From: "Juda Barnes" <securityfocus () mymail pent900 com>
Date: Thu, 14 Jul 2005 20:57:22 +0200

 
Hi all
 
     i am doing Audit and pen test on machine till now i have figure out
that it is running 
    on Microsoft Windows 2000 SP3 or maybe SP4  Default installation
 
    With WebDAV and FrontPage Installed
 
 
 
    FPSE 4.0.2.5526, Microsoft-IIS/5.0
 
    i used nessus and find the following vulnerbilities
 
   -----> Plugin ID 11412  - WebDav Remote exploit  MS03-007
   -----> Plugin ID 11664  - NSIISLOG.DLL 
    Plugin ID 10661  - IIS5 .printer ISAP IPP
    Plugin ID 10695  - .IDA ISAPI  (MS01-033)
 
 
    also i have verifyed that the server have nsiislog by
http://server/scripts/nsiislog.dll 
    i have tried to use the nsiislog exploit with no sucsseful ,
 
    i will appriciate any good links where can i read regarding the NSIISLOG
exploit or other exploits
    that i can find for that machine ( i wrote the vulnerabilities up there)

Current thread:

Pen Test help Juda Barnes (Jul 14)
- <Possible follow-ups>
- RE: Pen Test help er t (Jul 15)
  - RE: Pen Test help Juda Barnes (Jul 16)
    - Re: Pen Test help H D Moore (Jul 16)
    - RE: Pen Test help Juda Barnes (Jul 17)
    - Re: Pen Test help H D Moore (Jul 18)
- RE: Pen Test help Stephane Auger (Jul 18)
  - Re: Pen Test help H D Moore (Jul 18)
- FW: Pen Test help Juda Barnes (Jul 18)
- RE: Pen Test help Stephane Auger (Jul 18)
- RE: Pen Test help Roberts, Scott (Jul 18)