Vulnerability Detail

FrontPage services.cnf Information Disclosure

Patrol Code: P8-0050
Default Severity: INFO
CWE-ID: N/A

Description:

FrontPage/SharePoint server extensions were found on the target website. FrontPage Server Extensions implement administration, authoring, and runtime functionality. Although Microsoft has greatly improved FrontPage Server Extensions security since the product's first release, FrontPage Server Extensions still increase a Web server's exposure to attack. If you use FrontPage to connect to a Web server, the software prompts you for a password. This password prompt gives intruders an additional opportunity to guess a user's password. Attackers can easily script a brute-force attack to try hundreds or thousands of common passwords. If the intruders compromise the password, they can use FrontPage Server Extensions to modify Web content. Many other Microsoft technologies - including Web Folders, Office Web publishing, and SharePoint Team Services - are also tightly integrated with FrontPage Server Extensions.

The services.cnf file was found to reveal a list of FrontPage/SharePoint subwebs.

Remediation:

Administrators should manually inspect the 'services.cnf' file on the target server to verify this issue. If the file is unnecessary, it should be removed from the server. If it is required, the organization should consider restricting access to only authorized individuals.
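
The manual inspection described above can be run on the server itself with a short script. The following is an added example, not part of the original advisory or of any scanner: it walks a local web root, reports each services.cnf it finds, the subwebs the file lists, entries whose directory no longer exists, and whether the file is world-readable. It assumes services.cnf holds one subweb path per line; the function names and the sample tree (with the file under `_vti_pvt`) are constructed for illustration.

```python
import os
import stat
import tempfile


def audit_services_cnf(web_root):
    """Find every services.cnf under web_root and report what it discloses."""
    findings = []
    for dirpath, _dirs, files in os.walk(web_root):
        for name in files:
            if name.lower() != "services.cnf":
                continue
            path = os.path.join(dirpath, name)
            # Assumption: one subweb URL path per non-empty line, e.g. "/" or "/hr".
            with open(path, encoding="latin-1") as fh:
                subwebs = [line.strip() for line in fh if line.strip()]
            findings.append({
                "path": os.path.relpath(path, web_root),
                "subwebs": subwebs,
                # Subwebs whose directory no longer exists are stale entries.
                "stale": [s for s in subwebs if not os.path.isdir(
                    os.path.join(web_root, s.strip("/")))],
                # POSIX permission bit; on Windows review the file's ACL instead.
                "world_readable": bool(os.stat(path).st_mode & stat.S_IROTH),
            })
    return findings


def build_sample_root():
    """Constructed sample web root (not from a real server)."""
    root = tempfile.mkdtemp(prefix="webroot_")
    os.makedirs(os.path.join(root, "_vti_pvt"))
    os.makedirs(os.path.join(root, "hr"))
    cnf = os.path.join(root, "_vti_pvt", "services.cnf")
    with open(cnf, "w", encoding="latin-1") as fh:
        fh.write("/\n/hr\n/oldsite\n")
    os.chmod(cnf, 0o644)
    return root


if __name__ == "__main__":
    for finding in audit_services_cnf(build_sample_root()):
        print(finding)
```

Point `audit_services_cnf` at the real document root to get the list of files to remove or restrict.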
