| VID | 12006 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | WWW |
| Detailed Description |
The IIS 5.0 web server is vulnerable to a denial of service via a malformed WebDAV request.
WebDAV (Web Distributed Authoring and Versioning) is an extension to the HTTP protocol that allows remote authoring and management of web content. In the Windows 2000 implementation of the protocol, IIS 5.0 performs initial processing of all WebDAV requests and then forwards the appropriate commands to the WebDAV component. However, the WebDAV component does not correctly handle a particular type of very long, invalid request containing a large number of ":" characters, for example:
<?xml version="1.0"?><a:propfind xmlns:a="DAV:" xmlns:u=" :::::..:*59060...::::::: :"><a:prop><a:displayname /><u:AAAA :::::..:*59060...:::::::AAAAA...A*64..AAAAA /></a:prop></a:propfind>
Such a request causes the IIS 5.0 service to fail. The web server then restarts automatically, which disconnects any active sessions. An attacker who sends this request repeatedly keeps the server in a crash-and-restart cycle, which denies service to legitimate clients for as long as the requests continue.
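The request shape described above can be recognised on the wire before it reaches the server: a PROPFIND whose XML body contains a token (namespace value or element name) that is abnormally long or made up largely of ":" characters. The following detector is an added example written for this entry; it is not code from the scanner or from Microsoft. The length and colon thresholds, the host name iis.example and the sample requests are all constructed for the example; the advisory gives no exact figures, only "very long" and "a lot of ':'".

```python
import re

# Thresholds are assumptions made for this example: the advisory only says the
# request is "very long" and contains "a lot of ':'" and gives no exact figures.
MAX_TOKEN_LEN = 1024
MAX_COLONS = 32

# Tokens are separated by whitespace and XML punctuation; a namespace value or
# element name made of thousands of ':' or 'A' characters survives as one token.
TOKEN_SPLIT = re.compile(rb'[\s<>/"=?]+')


def split_request(raw: bytes):
    """Split a raw HTTP request into (method, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    method = lines[0].split(b" ", 1)[0].decode("ascii", "replace")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip()
    return method, headers, body


def suspicious_tokens(body: bytes):
    """Return the tokens in an XML body that are abnormally long or colon-heavy."""
    return [tok for tok in TOKEN_SPLIT.split(body)
            if tok and (len(tok) > MAX_TOKEN_LEN or tok.count(b":") > MAX_COLONS)]


def is_malformed_propfind(raw: bytes) -> bool:
    """True if the request is a PROPFIND whose body has the shape described above."""
    method, _headers, body = split_request(raw)
    return method == "PROPFIND" and bool(suspicious_tokens(body))


def build_request(method: str, path: str, host: str, body: bytes) -> bytes:
    """Assemble a raw request; used here only to construct sample input."""
    head = (f"{method} {path} HTTP/1.1\r\nHost: {host}\r\n"
            f"Content-Type: text/xml\r\nContent-Length: {len(body)}\r\n\r\n")
    return head.encode("ascii") + body


# Constructed samples (hypothetical host, not captured traffic).
GOOD_BODY = (b'<?xml version="1.0"?><a:propfind xmlns:a="DAV:">'
             b'<a:prop><a:displayname /></a:prop></a:propfind>')
COLON_RUN = b":" * 2000          # stands in for the ":::::..:*59060" run in the advisory
A_RUN = b"A" * 64                # the "AAAAA...A*64" run in the advisory
BAD_BODY = (b'<?xml version="1.0"?><a:propfind xmlns:a="DAV:" xmlns:u=" '
            + COLON_RUN + b' :"><a:prop><a:displayname /><u:' + A_RUN + b" "
            + COLON_RUN + A_RUN + b' /></a:prop></a:propfind>')

GOOD_REQUEST = build_request("PROPFIND", "/", "iis.example", GOOD_BODY)
BAD_REQUEST = build_request("PROPFIND", "/", "iis.example", BAD_BODY)
GET_REQUEST = build_request("GET", "/", "iis.example", b"")

if __name__ == "__main__":
    for name, req in (("benign PROPFIND", GOOD_REQUEST),
                      ("malformed PROPFIND", BAD_REQUEST),
                      ("GET", GET_REQUEST)):
        print(name, "->", "ALERT" if is_malformed_propfind(req) else "ok")
```

The check keys on the method and on token shape rather than on an exact byte pattern, so it also catches variants that change the padding character or the request length; a benign PROPFIND with normal DAV: namespaces and property names passes untouched.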
References:
* http://www.iss.net/security_center/static/6982.php
* http://www.microsoft.com/technet/security/bulletin/MS01-044.asp |
| Recommendation |
Apply the patch for this vulnerability (Microsoft Security Bulletin MS01-044):
1. Open the web page http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32011
2. Select your language from the drop-down list at the top of the page and click <Go>.
3. Click <Security Update>.
4. Download the update to your computer and run it.
5. Restart your computer to complete the installation.
-- OR --
Install Windows 2000 Service Pack 3, which includes this fix.
-- OR --
Disable WebDAV by making the following change in the registry:
1. Start Registry Editor (Regedt32.exe).
2. Locate and click the following key in the registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters
3. On the Edit menu, click Add Value, and then add the following registry value: Value name: DisableWebDAV, Data type: DWORD, Value data: 1
4. Restart the IIS service (or the computer) for the change to take effect.
Note that this disables all WebDAV functionality on the server, so any clients that rely on it (for example Web Folders) will stop working; it is a workaround for the denial of service, not a substitute for the patch. |
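Whichever remediation is applied, verify it from the outside: an IIS 5.0 server with WebDAV enabled advertises it in its OPTIONS response (a DAV compliance header and WebDAV methods such as PROPFIND in Allow/Public), and after WebDAV is disabled those disappear. The checker below is an added example written for this entry, not code from the scanner or from Microsoft. The two sample responses are constructed for the example rather than captured from a real server, and the live probe() function is only a convenience for running the same check against a host you are authorised to test.

```python
import socket

# Methods that IIS 5.0 advertises only when WebDAV is enabled.
WEBDAV_METHODS = {"PROPFIND", "PROPPATCH", "MKCOL", "COPY", "MOVE",
                  "LOCK", "UNLOCK", "SEARCH"}


def parse_response(raw: bytes):
    """Return (status_code, headers) from a raw HTTP response.
    Header names are lower-cased; repeated headers are joined with ', '."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        headers[name] = headers[name] + ", " + value if name in headers else value
    return status, headers


def advertised_methods(headers) -> set:
    """Collect the method names listed in the Allow and Public headers."""
    methods = set()
    for header in ("allow", "public"):
        for m in headers.get(header, "").split(","):
            if m.strip():
                methods.add(m.strip().upper())
    return methods


def webdav_enabled(raw_response: bytes) -> bool:
    """True if the OPTIONS response still shows WebDAV: a DAV compliance
    header, or any WebDAV method in Allow/Public."""
    _status, headers = parse_response(raw_response)
    if "dav" in headers:
        return True
    return bool(advertised_methods(headers) & WEBDAV_METHODS)


def probe(host: str, port: int = 80, timeout: float = 5.0) -> bool:
    """Send 'OPTIONS /' to a live server and report whether WebDAV is enabled.
    Not called at import time; run only against hosts you are authorised to test."""
    request = f"OPTIONS / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode("ascii")
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(request)
        chunks = []
        while True:
            data = sock.recv(4096)
            if not data:
                break
            chunks.append(data)
    return webdav_enabled(b"".join(chunks))


# Constructed sample responses (not captured from a real server): the first is
# the shape IIS 5.0 gives with WebDAV on, the second after DisableWebDAV=1.
BEFORE_FIX = (b"HTTP/1.1 200 OK\r\n"
              b"Server: Microsoft-IIS/5.0\r\n"
              b"MS-Author-Via: DAV\r\n"
              b"DAV: 1, 2\r\n"
              b"Allow: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, "
              b"MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH\r\n"
              b"Content-Length: 0\r\n\r\n")
AFTER_FIX = (b"HTTP/1.1 200 OK\r\n"
             b"Server: Microsoft-IIS/5.0\r\n"
             b"Allow: OPTIONS, TRACE, GET, HEAD, POST\r\n"
             b"Content-Length: 0\r\n\r\n")

if __name__ == "__main__":
    print("before workaround: WebDAV enabled =", webdav_enabled(BEFORE_FIX))
    print("after workaround:  WebDAV enabled =", webdav_enabled(AFTER_FIX))
```

If the patch (rather than the registry workaround) was applied, WebDAV stays enabled and this check will still report it as such; in that case confirm the hotfix or Service Pack 3 installation on the host instead of relying on the OPTIONS response.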
| Related URL | CVE-2001-0508 (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |