Frontpage Security Flaw

Forum Moderators: phranque

Message Too Old, No Replies

Frontpage Security Flaw

Server Extensions Vulnerable

digitalghost

2:47 am on Sep 27, 2002 (gmt 0)

"In the case of FrontPage Server Extensions 2000, an attacker could use this vulnerability to monopolize a server and prevent legitimate users from being able to use the Web server," Microsoft's security site says. "In the case of FrontPage Server Extensions 2002, an attacker could potentially cause a buffer overrun on the Web server."

Full Story: [techtv.com...]

jeremy goodrich

4:02 pm on Oct 10, 2002 (gmt 0)

Hmm...does this account for all the strange requests I've seen lately on some sites? They all live on linux boxes, but I've seen many front page extension requests lately, which shouldn't happen I think.

Thanks for the heads up.

Correct me if I'm wrong: not only is IIS insecure, but even installing a Microsoft thing on a beloved *nix server could add insecurity? That seems a compelling reason to stay away from it...