Intrusion Prevention

WebDAV.NTDLL.DLL.Buffer.Overflow

Description

This indicates a buffer overflow vulnerability in Microsoft Internet Information Service (IIS) version 5.0 with WebDAV enabled.

IIS 5.0 supports the Distributed Authoring and Versioning (DAV) extensions of the HTTP protocol as defined in RFC 2518. By default, the entire Web space of IIS is capable of responding to WebDAV requests. Due to inadequate boundary checking, a remote attacker can cause buffer overflow on a target system by passing it a specially-crafted URL request.

Affected Products

Unprotected Windows 2000 or Windows NT 4.0 systems have IIS 5 with WebDAV enabled are vulnerable to the attack.

Impact

The attacker can gain remote access to the victim system and execute arbitrary code on it.

Recommended Actions

Apply appropriate patches or upgrade the system to the latest non-vulnerable version

Disable WebDAV unless absolutely required.

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

ID	12369
Created	Sep 11, 2006
Updated	Apr 17, 2023
Risk
CVE ID	CVE-2003-0109
Exploit Prediction Score	97.42%
Default Action	drop
Active
Affected OS	Windows
Affected App	IIS

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Intrusion Prevention

WebDAV.NTDLL.DLL.Buffer.Overflow

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Intrusion Prevention

WebDAV.NTDLL.DLL.Buffer.Overflow

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

References

Threat Intelligence
Center