Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:2091 |
Message | WEB-IIS WEBDAV nessus safe scan attempt |
Summary | server is attempted. |
Impact | Information disclosure. |
Detailed Information | A vulnerability exists in a component used by the Microsoft Internet Information Server 5.0 implementation of WebDAV. A specially crafted overly long URI when processed by the server, triggers a buffer overflow in ntdll.dll which results in a system compromise of the targeted host. The exploit only affects versions of IIS 5.0 running on Microsoft Windows 2000 prior to service pack 3. WebDAV is enabled by default on that platform. vulnerabilities using the security scanner nessus. |
Affected Systems | Microsoft Internet Information Server 5.0 WebDAV on Windows 2000 prior to Service Pack 3. |
Attack Scenarios | The attacker is using nessus. |
Ease of Attack | Simple |
Corrective Action | Apply the appropriate vendor supplied patch or service pack. |
Additional References | Nessus: http://cgi.nessus.org/plugins/dump.php3?id=11412 CERT: http://www.cert.org/advisories/CA-2003-09.html CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0109 Bugtraq: http://www.securityfocus.com/bid/7116 Microsoft Corporation: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-007.asp http://www.microsoft.com/security/security_bulletins/ms03-007.asp |
Rule References | bugtraq: 7116 cve: 2003-0109 nessus: 11412 nessus: 11413 url: www.microsoft.com/technet/security/bulletin/ms03-007.mspx |
--
DID:496706
--
http://www.aanval.com/