Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Denial of Service --> Category: infos

IIS 5.0 WebDav Memory Leakage Vulnerability Scan

Vulnerability Scan Summary
Check the presence of a Memory Leakage in the IIS 5 httpext.dll (WebDav).

Detailed Explanation for this Vulnerability Test

The WebDav extensions (httpext.dll) for Internet Information
Server 5.0 contains a flaw that may allow a malicious user to
consume all available memory on the target server by sending
many requests using the LOCK method associated to a non
existing filename.

This concern not only IIS but the entire system since the flaw can
potentially exhausts all system memory available.

Vulnerable systems: IIS 5.0 ( httpext.dll versions prior to 0.9.3940.21 )

Immune systems: IIS 5 SP2( httpext.dll version 0.9.3940.21)

Solution: Download Service Pack 2/hotfixes from Microsoft web

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.