Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Microsoft Internet Information Server 5/5.1 Denial of Service (#NISR31102002)

Microsoft Internet Information Server 5/5.1 Denial of Service (#NISR31102002)

by Nikola Strahija on October 31st, 2002 Microsofts Internet Information Server and Intranet Server 5.0 and 5.1 comes with a feature called WebDAV. WebDAV, or Web-based Distributed Authoring and Versioning, is the emerging standard in web-based collaboration. Simply put, WebDAV allows web development teams and other workgroups to use a remote web server as easily as if it were a local file server. Technically, WebDAV is a set of extensions to the HTTP protocol.


Details
*******

In this particular instance, a denial of service vulnerability exists due to
a flaw in the way IIS 5.0 and 5.1 allocates memory for WebDAV requests. If a
malformed WebDAV request was sent to the server, IIS would allocate an
extremely large amount of memory on the server. By sending several such
requests, an attacker could cause the server to fail. This vulnerability
could only be exploited if the server allowed WebDAV requests to be levied
on it and is also dependent upon the Indexing server service to be running.
Whilst by default the relevant WebDAV request method is allowed, the
Indexing Service is turned off by default.


Fix Information
***************

NGSSoftware alerted Microsoft to these problems on the 16th May 2002. A
patch can be found at
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/MS02-062.asp

Common Vulnerabilities & Exposures
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1182

A check for these issues has been added to Typhon II, of which more
information is available from the
NGSSoftware website:
http://www.ngssoftware.com


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »