UNIX-Based Fixes for Server Extensions SR 1.2 (272287)


The information in this article applies to:

  • FrontPage 2000 Server Extensions from Microsoft
This article was previously published under Q272287

SUMMARY

This article describes the UNIX-based fixes that are included with the FrontPage 2000 Server Extensions SR 1.2.

MORE INFORMATION

Security Fixes in the SR 1.2 Release include the following:
  • ASP source code including the Global.asa file could be viewed under certain circumstances. Exposing the ASP source code including the Global.asa could compromise database security.
  • An external attack could cause the server's CPU to spike. Posting large amounts of data to the FrontPage Save Results bot will cause the CPU to spike while Server Extensions process the data.
  • Server Extensions error messages show full operating system path to the Web site.
  • Some directory permissions were not as secure as possible.

NOTE: Special thanks to customers who reported security issues and assisted us with fixing them.
Modification Type:MajorLast Reviewed:4/18/2002
Keywords:kbinfo KB272287
©2002 Microsoft Corporation. All rights reserved.