FrontPage服务器扩展安装的漏洞 [英] FrontPage Server Extensions Installed Vunerability

问题描述

我们针对面向SharePoint 2010网站的客户进行了PEN测试，该网站用于托管许多InfoPath表单，并且突出显示了以下问题:-

We had a PEN test run against a customers public facing SharePoint 2010 site that is used to host a number of InfoPath forms and it highlighted the following issue:-

FrontPage服务器扩展已安装在受影响的主机上. FrontPage Server Extensions允许网站创作，并且应仅限于受信任的主机或网络.

因此，尚未在前端Web服务器上安装/启用Front Page服务器扩展.

As such, Front Page server extensions have not be installed/enabled on the front end web server.

以下文章

The following article  http://thuansoldier.net/?p=4298 explains that this is due to the original version of SharePoint being based upon Front Page and that certain elements/dlls from Front Page are still used by SharePoint. This article also suggests restricting access to specified area/folders to prevent users from accessing SharePoint build/version details. It also mentions contacting Microsoft.

是否还有其他人遇到此问题，以及解决此问题的最佳方法是什么，或者是否需要警惕

Has anyone else come across this issue, and what the best approach to resolving this issue, or whether it is a issue to be wary of 

推荐答案

这无关紧要.笔测试未考虑特定产品及其工作方式. FPSE本身将是一个标志，但是作为SharePoint产品的一部分，不必担心.

This isn't something to be concerned about. The pen test doesn't take into account specific products and how they work. FPSE itself would be a flag, but as part of the SharePoint product isn't something to be concerned about.

这篇关于FrontPage服务器扩展安装的漏洞的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！