WEB-FRONTPAGE _vti_inf.html access

Identification

Id	990
Alert	WEB-FRONTPAGE _vti_inf.html access
Classification	web-application-activity

Trigger

Microsoft FrontPage provides software for web designers to generate and administer web pages. The file '_vti_inf.html' contains FrontPage configuration information of version number and scripting paths that is normally used by a FrontPage client to communicate with the server. An attacker can craft a URL to access this file to disclose the version number and scripting paths.

Affected systems

Microsoft Internet Information Server with Frontpage extensions

Impact

Information gathering. This attack can leak the version number and scripting paths of Microsoft FrontPage.

False positives

None known

Scenario

An attacker can craft a URL to access the '_vti_inf' file to learn the version and scripting paths of FrontPage.

Example

INCOMPLETE SECTION OR ARTICLE

This section/article is being written and is therefore not complete.
Thank you for your comprehension.

Corrective actions

Apply patches and upgrade to most current version of FrontPage.

Snort-alerts/WEB-FRONTPAGE-vti-inf-html-access

Contents

WEB-FRONTPAGE _vti_inf.html access

Identification

Trigger

Affected systems

Impact

False positives

Scenario

Example

Corrective actions

Share your opinion

Navigation menu

Snort-alerts/WEB-FRONTPAGE-vti-inf-html-access

WEB-FRONTPAGE _vti_inf.html access

Identification

Trigger

Affected systems

Impact

False positives

Scenario

Example

Corrective actions

Share your opinion

Navigation menu

Search