Bugtraq mailing list archives
Leveraging search engines against Frontpage enabled servers
From: fdarden () LOCKED COM (frank darden)
Date: Sun, 26 Apr 1998 14:46:32 -0400
Although this isnt really much more than a human bug, I thought I would share the following information. After reading some of the above posts, a friend decided to load up FrontPage Editor, in an effort to seek out vulnerable sites. He did a search on _vti_inf.html to get a list of some Frontpage servers on the net. It was effective, and he found site after site that had NO password whatsoever limiting his ability to edit the servers pages. Actually, I havent spent much time researching FrontPage, but I can say that most admins are incapable of setting this up properly. Frank http://www.locked.com
Current thread:
- pine/pico vt control characters bug Michal Zalewski (Apr 25)
- Special Report On Buffer Overfolws John Vranesevich (Apr 25)
- pine/pico vt control characters bug [2] Michal Zalewski (Apr 25)
- feature Re: pine/pico vt control characters bug GvS One (Apr 25)
- Re: feature Re: pine/pico vt control characters bug Michal Zalewski (Apr 25)
- Re: feature Re: pine/pico vt control characters bug Matt Barrie (Apr 25)
- Leveraging search engines against Frontpage enabled servers frank darden (Apr 26)
- <Possible follow-ups>
- Re: pine/pico vt control characters bug der Mouse (Apr 25)