Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Jason on November 27, 2001, 08:28:28 PM

Title: Front page extensions, not secure ?
Post by: Jason on November 27, 2001, 08:28:28 PM

I have seen many topics on this phorum regarding Frontpage server extensions and the "end all" last answer is security.  I have looked on the web and cant find this elusive huge security hole that Frontpage server extensions leave on a linux or Unix box.

  The only issue I found was a Phorum is which someone stated that Frontpage server extensions make your system vulnerable to "Code red" that is absolutely not correct.  That affected the index server on IIS4-5 which is not available on *nix.

  If someone could reply with the url to information that will convince me that Frontpage server extensions are insecure that would be great.  Unfortunately I have never had the security breach explained technically besides, it leaves a big gaping security hole in your *nix box.  Any info regarding this would be greatly appreciated, but please dont post " I have heard".  

  thanks much.

Title: Re: Front page extensions, not secure ?
Post by: Charlie Brady on November 28, 2001, 01:50:48 AM

Jason wrote:

>   I have seen many topics on this phorum regarding Frontpage
> server extensions and the "end all" last answer is security.
> I have looked on the web and cant find this elusive huge
> security hole that Frontpage server extensions leave on a
> linux or Unix box.
...
>   If someone could reply with the url to information that
> will convince me that Frontpage server extensions are
> insecure that would be great.

http://www.google.com/search?q=frontpage+security

Charlie