MS.FrontPage._vti_inf.html.Access
Description
This indicates an attack attempt against a file-disclosure vulnerability in Microsoft FrontPage.
The file _vti_inf.html contains Microsoft FrontPage configuration information such as version number and scripting paths. There exists a vulnerability in some versions of IIS that allows attackers to access this file on a target system by sending it a specially crafted URL request.
Affected Products
Any unprotected older version of FrontPage is vulnerable to the attack.
Impact
Attackers gain the version and scripting paths information of FrontPage.
Recommended Actions
Apply the appropriate patches or upgrade the system to the latest non-vulnerable version.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |