Thanks to Mark for this one:
Microsoft is working on a fix to correct a security problem with Windows 2000, Internet Information Server 5.0, and FrontPage 2000 that allows a valid FrontPage user to obtain a complete list of user accounts from a remote Windows 2000-based Web server. The issue was reported by Paul Rogers of CoServers Express, who recently contacted BugNet to help confirm the problem.
When a user connects to a remote Web using a FrontPage client, that user can obtain a list of account names by clicking Tools, Security, Permissions, and then Add on the Users tab. It´s no secret that a valid user account can be incredibly useful towards the penetration of network security.
Read more
Microsoft is working on a fix to correct a security problem with Windows 2000, Internet Information Server 5.0, and FrontPage 2000 that allows a valid FrontPage user to obtain a complete list of user accounts from a remote Windows 2000-based Web server. The issue was reported by Paul Rogers of CoServers Express, who recently contacted BugNet to help confirm the problem.
When a user connects to a remote Web using a FrontPage client, that user can obtain a list of account names by clicking Tools, Security, Permissions, and then Add on the Users tab. It´s no secret that a valid user account can be incredibly useful towards the penetration of network security.
Read more