Why use FrontPage extension?
Microsoft FrontPage goes toward simplifying your Web authoring, managing, and serving tasks.The extensions work through three Web advancements: CGI (Common Gateway Interface), ISAPI, (Internet Server Application Program Interface), and HTTP.
They let the Microsoft FrontPage 2000 customer (and prior renditions with shifting achievement) speak with the server to permit coordinate transfers and downloads of information and documents (without requiring FTP).
They let the server give FrontPage-particular features to the site guest's browser, with no additional programming or scripting with respect to the creator.
What are FrontPage server extension vulnerabilities?
Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, and then leverage the attack to execute arbitrary programs or create new accounts.
Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions, allows remote attackers to cause a denial of service (response failure) via a certain request.
Buffer overflow in (shtml.dll) in Microsoft FrontPage Server Extensions allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request.
Disable your FrontPage extensions:
Access the Hosting Control Panel
Click on the Site Center button
Click on FrontPage Extensions
Click on the Disable button
Confirm that your FrontPage extensions have been disabled then click on the Cancel button
Other preventive action to take:
Secure user accounts.
Set proper permissions
Keep your software sufficiently patched. Make sure that you always have the latest version of FrontPage Server Extensions and your OS is always updated with the latest service packs and hotfixes
Use Secure Sockets Layer (SSL) for authoring
Set IP restrictions on FrontPage Server Extensions directories
Move the FrontPage Server Extensions binaries. As I mentioned earlier, placing the binaries on the system partition isn't the safest scenario. Consider moving them to a more secure location