-   Linux - Server (
-   -   apache POST /_vti_bin/_vti_aut/fp30reg.dll returns 302 (

mrtwice 10-12-2009 08:50 AM

apache POST /_vti_bin/_vti_aut/fp30reg.dll returns 302
I am getting the following notice in my logwatch files:


/_vti_bin/_vti_aut/fp30reg.dll HTTP Response 302
and a message from logwatch indidicating the above is a possible exploit. On most of my v-hosts, any kind of request to '/_vti_bin/_vti_aut/fp30reg.dll' returns a 404. However, I have one particular host that returns the 302 above. That host does not have front page extensions installed (at least explicitly). How can I determine why a 302 is being returned? I have tried doing a GET request, but I always get a 404.

This is on a ubuntu 9.04 server.

All times are GMT -5. The time now is 08:36 AM.