Code: p667 Severity: Notice
Description: This event is generated when an attempt is made to exploit an authentication vulnerability in the WebSpeed WSIS Messenger Administration Utility. Impact: Information gathering and system integrity. Unauthorized administrative access to the to the WebSpeed configuration utility can allow an attacker to view and change WebSpeed configuration, and possibly stop WebSpeed services. Corrective: Disable the WSIS Messenger Administration Utility. Install the appropriate patch. Patches can be found at http://www.progress.com/patches/patchlst/availpatche.html. Disallow access to the WSIS Messenger Administration Utilility from sources external to the protected network.
|
