Continuous attacks against IIS 5.0

By N-Stalker Team on July 14, 2003

1) Description:

  • A buffer overflow in a ntdll.dll function can be exploited through the WEBDAV service of IIS 5.0.This vulnerability is currently been widely exploited in the Internet.

2) Impact:

  • Arbitrary execution of commands remotely in the operational system.

3) Fixes:

If it is possible, disable the WebDAV service by setting the registry key below to 1:

  • HKLM\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\DisableWebDAV

Article: http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B241520

This entry was posted in Previous Security Advisories. Bookmark the permalink.