Frontpage Extensions Enabled

Title:

Frontpage extensions enabled.

Vulnerability:

Why use FrontPage extension?
Microsoft FrontPage goes toward simplifying your Web authoring, managing, and serving tasks.The extensions work through three Web advancements: CGI (Common Gateway Interface), ISAPI, (Internet Server Application Program Interface), and HTTP.
They let the Microsoft FrontPage 2000 customer (and prior renditions with shifting achievement) speak with the server to permit coordinate transfers and downloads of information and documents (without requiring FTP).
They let the server give FrontPage-particular features to the site guest's browser, with no additional programming or scripting with respect to the creator.

What are FrontPage server extension vulnerabilities?

  • Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, and then leverage the attack to execute arbitrary programs or create new accounts.
  • Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions, allows remote attackers to cause a denial of service (response failure) via a certain request.
  • Buffer overflow in (shtml.dll) in Microsoft FrontPage Server Extensions allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request.

Solution:

Disable your FrontPage extensions:

  • Access the Hosting Control Panel
  • Click on the Site Center button
  • Click on FrontPage Extensions
  • Click on the Disable button
  • Confirm that your FrontPage extensions have been disabled then click on the Cancel button

Other preventive action to take:

  • Secure user accounts.
  • Set proper permissions
  • Keep your software sufficiently patched. Make sure that you always have the latest version of FrontPage Server Extensions and your OS is always updated with the latest service packs and hotfixes
  • Use Secure Sockets Layer (SSL) for authoring
  • Enable logging
  • Set IP restrictions on FrontPage Server Extensions directories
  • Move the FrontPage Server Extensions binaries. As I mentioned earlier, placing the binaries on the system partition isn't the safest scenario. Consider moving them to a more secure location