RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability
From: Royans Tharakan (RTharakan@ingenuity.com)
Date: 03/19/03
Date: Tue, 18 Mar 2003 20:02:05 -0800
From: "Royans Tharakan" <RTharakan@ingenuity.com>
To: "Sarah Kenna Groark" <sarah@procinct.com>, "Nicolas Gregoire" <ngregoire@exaprobe.com>, "Gary O'leary-Steele" <garyo@sec-1.com>

I checked this out. SANS had an emergency webcast this morning
in which a lot of security engineers reviewed this bug. A few Microsoft
guys were there who confirmed that OWA uses its own version of WEBDAV
which overrides the version which is installed by the OS.
They said the version of WEBDAV in OWA is not vulnerable to this exploit.
However, I'm still hunting for an exploit to test it. Obviously we don't
want to upgrade OWA if it can be avoided. We don't know how stable the
patch is at this point.
rkt
-----Original Message-----
From: Sarah Kenna Groark [mailto:sarah@procinct.com]
Sent: Tuesday, March 18, 2003 4:35 PM
To: Royans Tharakan; Nicolas Gregoire; Gary O'leary-Steele
Cc: pen-test@securityfocus.com
Subject: RE: Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability
>Someone said that OWA is not at risk so we are not patching it for webdav.
Is there a definitive statement on this somewhere? I am trying to track
down for a client whether OWA is vulnerable to this and unfortunately do
not have an environment where I can test it myself at the moment.
Any info much appreciated.
Take care,
// Sarah