Continuous attacks against IIS 5.0
1) Description:
- A buffer overflow in a ntdll.dll function can be exploited through the WEBDAV service of IIS 5.0.This vulnerability is currently been widely exploited in the Internet.
2) Impact:
- Arbitrary execution of commands remotely in the operational system.
3) Fixes:
If it is possible, disable the WebDAV service by setting the registry key below to 1:
- HKLM\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\DisableWebDAV
Article: http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B241520
This entry was posted in Previous Security Advisories. Bookmark the permalink.