FrontPage DoS and Path Exposure

Reported July 2, 2000 by Dimitri van de Giessen

FrontPage 2000 Server Extensions, version 1.0


FrontPage server extensions will expose critical path information when errors occur while accessing certain DLL files related to the extensions. For example, accessing an invalid file through "_vti_bin/shtml.dll" will reveal path information.

The URL http://targetsystem/_vti_bin/shtml.dll/nosuch.htm would result in the error message "Cannot open D:\Inetpub\virtuals\powerasp\nosuch.htm: no such file or folder."

In addition, if numerous connections are established to the shtml.dll file, the server can be caused to utilize 100% of its available CPU cycles.


Microsoft is aware of these issues, which will be fixed in Version 1.2 of the FrontPage Server Extensions due for release "any time now" as of July 6, 2000.
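
A defender-side check for the two behaviours described above, as an added example that is not part of the original advisory: it scans IIS W3C extended log lines for shtml.dll requests whose trailing page path is not in a site inventory, and for clients sending bursts of requests to shtml.dll. The log lines, the `known_pages` inventory, and the `window_s` and `burst` thresholds are constructed assumptions.

```python
import re
from datetime import datetime

# Constructed IIS W3C extended log lines (not from the advisory).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem
2000-07-02 10:00:02 192.0.2.10 GET /_vti_bin/shtml.dll/nosuch.htm
2000-07-02 10:00:05 198.51.100.7 POST /_vti_bin/shtml.dll/feedback.htm
2000-07-02 10:00:10 203.0.113.5 GET /_vti_bin/shtml.dll
2000-07-02 10:00:10 203.0.113.5 GET /_vti_bin/shtml.dll
2000-07-02 10:00:11 203.0.113.5 GET /_vti_bin/shtml.dll
2000-07-02 10:00:11 203.0.113.5 GET /_vti_bin/shtml.dll
2000-07-02 10:00:12 203.0.113.5 GET /_vti_bin/SHTML.DLL
"""
SHTML = re.compile(r"^/_vti_bin/shtml\.dll(/.*)?$", re.IGNORECASE)

def analyze(log_text, known_pages=frozenset(), window_s=10, burst=5):
    """Return (probes, bursts): unknown page paths after shtml.dll, and peak per-client counts."""
    fields, probes, hits = [], [], {}
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names for the rows that follow
            continue
        if not line or line.startswith("#") or not fields:
            continue
        rec = dict(zip(fields, line.split()))
        m = SHTML.match(rec.get("cs-uri-stem", ""))
        if not m:
            continue
        ts = datetime.strptime(f"{rec['date']} {rec['time']}", "%Y-%m-%d %H:%M:%S")
        hits.setdefault(rec["c-ip"], []).append(ts)
        page = m.group(1)
        # Assumption: paths of pages that really exist are listed in known_pages, lowercase.
        if page and page.lower() not in known_pages:
            probes.append((rec["c-ip"], page))
    bursts = {}
    for ip, times in hits.items():
        times.sort()
        lo = best = 0
        for hi, t in enumerate(times):  # sliding window over sorted timestamps
            while (t - times[lo]).total_seconds() > window_s:
                lo += 1
            best = max(best, hi - lo + 1)
        if best >= burst:
            bursts[ip] = best
    return probes, bursts

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG, known_pages={"/feedback.htm"}))
```

Requests flagged as probes are the ones likely to have returned the path-revealing error; tune `window_s` and `burst` against normal traffic to shtml.dll on the server in question.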

Discovered and reported by Dimitri van de Giessen
