[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[VulnDiscuss] Re: [VulnWatch] Microsoft Internet Information Server 5/5.1 Denial of Service (#NISR31102002)



Sorry for the political rant, but I find it pointless to post a follow-up
advisory of Microsoft bulletins when the advisory has no more information
than the bulletin.

The Microsoft bulletin:
A denial of service vulnerability that results because of a flaw in the
way IIS 5.0 and 5.1 allocate memory for WebDAV requests. If a WebDAV
request were malformed in a particular way, IIS would allocate an
extremely large amount of memory on the server. By sending several such
requests, an attacker could cause the server to fail.
The vulnerability does not affect IIS 4.0, as WebDAV is not supported in
this version of IIS.
The vulnerability could only be exploited if the server allowed WebDAV
requests to be levied on it. The IIS Lockdown Tool, if deployed in its
default configuration, disables such requests.

The NGSSoftware advisory:
In this particular instance, a denial of service vulnerability exists due to
a flaw in the way IIS 5.0 and 5.1 allocates memory for WebDAV requests. If a
malformed WebDAV request was sent to the server, IIS would allocate an
extremely large amount of memory on the server. By sending several such
requests, an attacker could cause the server to fail. This vulnerability
could only be exploited if the server allowed WebDAV requests to be levied
on it and is also dependent upon the Indexing server service to be running.
Whilst by default the relevant WebDAV request method is allowed, the
Indexing Service is turned off by default.