Exploitable MS FrontPage Apache Installs

A reader writes:"On NewsForge, there is an interview with a system administrator looking for an officially supported FrontPage install for RedHat Linux Apache rpm to fix CERT Advisory CA-2002-17 , which has already found in the wild. According to the interview Microsoft may, at some point, release an official patch or upgrade which Apache, RedHat and others fixed long ago."

RTFCitA

[Outland+Traveller]

Read The F* Comments in the Article!

Lots of people there say that they can get apache to work with frontpage by patching their current version with the security fix instead of upgrading.

Frontpage for Apache still officially supports RH 7.0. Not supporting anything recent isn't exactly new for them. Anyone who uses this extension has learned to fend for themselves.

I personally would dump frontpage. I don't care if half the world uses it. Educate them. Provide them with something else that is workable. If you're going to complain that your business will go under because you don't support frontpage then run IIS and eat worms in your cake.

Still no response from MS

[ebuilder]

I'm still waiting to hear from Microsoft regarding that fix. We like to use officially supported software, so we don't have to be "FrontPage gurus" in order to allow some of our clients to use FrontPage. Plus, we are a Registered Web Presence Provider for Microsoft® FrontPage® version 2002 and all of that...
-Eric