Topics
Tags
Favorite Links
Translate
Pick Your Language
Security Books
Archives
Recent entries...
Twitter
Sponsored Ads
Popular Pages
Sponsored Ads
The Web Security Mailing List

« Compromising web content served over SSL via malicious proxies | Main | L0phtCrack is back, finally available for download »

Understanding Microsoft's KB971492 IIS5/IIS6 WebDAV Vulnerability

Steve Friedl posted the following to bugtraq this afternoon.

"There has been a fair amount written on the vulnerability itself, but
there's a large cohort who has no idea if their systems are at risk
("What is WebDAV, and how do I know if I have or need it???").

So I've written a paper that lets one self-assess to see if this is
an issue or not, mainly with a flowchart the gets to a not-vulnerable
place reliably.

   Unixwiz.net Tech Tip: Understanding Microsoft's KB971492 IIS5/IIS6 WebDAV Vulnerability
   http://unixwiz.net/techtips/ms971492-webdav-vuln.html

Those who find WebDAV enabled still have to find local experts to help
figure out if they have a problem or not, but this should help the bulk
of users who are not at risk."

Posted by Robert A. on 05/27/2009 in IndustryNews , Vulns | Permalink | Reddit

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!



i would like to pay your attention to a free tool that checks for WebDAV vulnerability.
go to: http://www.applicure.com/News/WebDAV_Exploit

Posted by: Shuli | Jun 1, 2009 2:46:15 AM

Post a comment







Remember personal info?


Copyright 2000-2009 CGISecurity.com | Privacy Policy| java mailing list| resolve ip| Mailing Lists | Sony deals