Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Denial of Service --> Category: infos

IIS 5.0 WebDav Memory Leakage Vulnerability Scan


Vulnerability Scan Summary
Check the presence of a Memory Leakage in the IIS 5 httpext.dll (WebDav).

Detailed Explanation for this Vulnerability Test

The WebDav extensions (httpext.dll) for Internet Information
Server 5.0 contains a flaw that may allow a malicious user to
consume all available memory on the target server by sending
many requests using the LOCK method associated to a non
existing filename.

This concern not only IIS but the entire system since the flaw can
potentially exhausts all system memory available.

Vulnerable systems: IIS 5.0 ( httpext.dll versions prior to 0.9.3940.21 )

Immune systems: IIS 5 SP2( httpext.dll version 0.9.3940.21)

Solution: Download Service Pack 2/hotfixes from Microsoft web
at http://windowsupdate.microsoft.com

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.