Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Denial of Service --> Category: mixed

IIS 5.0 PROPFIND Vulnerability Vulnerability Scan


Vulnerability Scan Summary
Attempts to crash the Microsoft IIS server

Detailed Explanation for this Vulnerability Test

It was possible to disable the remote IIS server
by making a variation of a specially formed PROPFIND request.
A possible hacker, exploiting this vulnerability, would be able
to render the web service useless. If the server is 'business
critical', the impact could be high.

Solution : disable the WebDAV extensions, as well as the PROPFIND command
See
http://support.microsoft.com/support/kb/articles/Q241/5/20.ASP
See also:
http://www.microsoft.com/technet/security/bulletin/MS01-016.mspx

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.