National Cyber-Alert System
Vulnerability Summary: ARC-001
Orirignal release date: 2006-05-01
Source: Advanced Research Corporation ®

Overview

    The FrontPage extensions provide a facility for the author and the administrator to manage the web server content. However, author.dll and/or adin.dll were determined to accessible by the world. This provides a clear vector for brute force password guessing attacks on the web server.

Impact

    CVSS Severity: 7.0 (High)
    Range: remote
    Authentication:
    Impact Type:

Reference to Advisories, Solutions, and Tools

Vulnerable Software and Vendor

    FrontPage

Technical Details