Hacking Frontpage Extensions

Today one of those sites I contribute to was defaced by some stupid kiddies that claim that they deface websites because they "hate the world" or whatever. The usual asshole kiddies wanting to be known as "big hacking motherfuckers" (or 1337 h4x0rZ, or whatever they call themselves this days). They defaced something like 500 or so sites in 24 hours, trying to get a good rank in an whatever site that list them, all of them by using the same technique: exploiting frontpage extensions.

Here's a link explaining how someone can exploit those things, and I'm posting it in the hope that you open your eyes and start avoiding using Frontpage Extensions and hosting your stuff in servers with it. For those that aren't interested in reading it, let me leave you with just a quote:

The FrontPage is a wonderful world full of unexplored exploits and vulnerabilities. Its a shame more time hasn't been spent exploring this more. It also goes to show that the more we try to close doors, the more software vendors open up new ones. Forget BO2k and NetBus, Microsoft did a much better job.