« Compromising web content served over SSL via malicious proxies | Main | L0phtCrack is back, finally available for download »

Understanding Microsoft's KB971492 IIS5/IIS6 WebDAV Vulnerability

Steve Friedl posted the following to bugtraq this afternoon.

"There has been a fair amount written on the vulnerability itself, but
there's a large cohort who has no idea if their systems are at risk
("What is WebDAV, and how do I know if I have or need it???").

So I've written a paper that lets one self-assess to see if this is
an issue or not, mainly with a flowchart the gets to a not-vulnerable
place reliably.

   Unixwiz.net Tech Tip: Understanding Microsoft's KB971492 IIS5/IIS6 WebDAV Vulnerability

Those who find WebDAV enabled still have to find local experts to help
figure out if they have a problem or not, but this should help the bulk
of users who are not at risk."


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!

i would like to pay your attention to a free tool that checks for WebDAV vulnerability.
go to: http://www.applicure.com/News/WebDAV_Exploit