[WEB4LIB] FrontPage Chicanery

Mark Pecaut pecautm at missouri.edu
Thu Feb 22 17:39:16 EST 2001


I don't use Frontpage, but they could be looking for frontpage 
vulnerabilites.  I don't know if they still do, but the 
frontpage `extensions' have a history of letting people 
overwrite passwords, or even run arbitrary commands on the 
webserver.  
It is explained better here:
http://www.insecure.org/sploits/Microsoft.frontpage.insecurities.html

Just a shot in the dark,
Oh, yes, and `vti' stands for `Vermeer Technology Inc'.
This is the company MS bought so they could have Frontpage.


On Thu, Feb 22, 2001 at 02:03:54PM -0800, Thomas Dowling wrote:
> Web4Lib--
> 
> Would someone who works with FrontPage 4 explain to me why copies of it
> from all over the world try to both GET and POST documents on my server in
> various "/_vti_" files or directories?
> 
> And has anyone ever taken a 10GB core file, named it "_vti_inf.html" and
> given such FP'ers what they deserve?  [fx: Dowling's evil chortle]

I haven't, but it sounds like fun!
 
> 
> Thomas Dowling
> OhioLINK - Ohio Library and Information Network
> tdowling at ohiolink.edu

-Mark


More information about the Web4lib mailing list