WebDAV.NTDLL.DLL.Buffer.Overflow
Description
This indicates a buffer overflow vulnerability in Microsoft Internet Information Service (IIS) version 5.0 with WebDAV enabled.
IIS 5.0 supports the Distributed Authoring and Versioning (DAV) extensions of the HTTP protocol as defined in RFC 2518. By default, the entire Web space of IIS is capable of responding to WebDAV requests. Due to inadequate boundary checking, a remote attacker can cause buffer overflow on a target system by passing it a specially-crafted URL request.
Affected Products
Unprotected Windows 2000 or Windows NT 4.0 systems have IIS 5 with WebDAV enabled are vulnerable to the attack.
Impact
The attacker can gain remote access to the victim system and execute arbitrary code on it.
Recommended Actions
Apply appropriate patches or upgrade the system to the latest non-vulnerable version
Disable WebDAV unless absolutely required.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |