RE: IIS/WebDav Exploit List

kyle_at_kylelai.com
Date: 05/14/03

    To: "Joe Stewart" <jstewart@lurhq.com>, <intrusions@incidents.org>
    Date: Tue, 13 May 2003 20:28:49 -0400
    
    

    Another good one is
    http://www.klcconsulting.net/articles/webdav/webdav_vuln.htm

    Kyle Lai, CISSP, CISA
    KLC Consulting, Inc.
    617-921-5410
    klai@klcconsulting.net
    www.klcconsulting.net

    -----Original Message-----
    From: Joe Stewart [mailto:jstewart@lurhq.com]
    Sent: Tuesday, May 13, 2003 9:32 AM
    To: intrusions@incidents.org
    Cc: incidents@securityfocus.com; vuln-dev@securityfocus.com;
    list@dshield.org
    Subject: IIS/WebDav Exploit List

    I have created a page describing the various WebDav exploits and exploit
    kits I have come across so far, along with Snort signatures to detect each
    one. If anyone knows of any other unique exploits for the ntdll.dll/WebDav
    IIS vulnerability, please send me the source/binary or a link so I can
    catalog it here:

    http://www.lurhq.com/webdav.html

    -Joe

    --
    Joe Stewart, GCIH
    Senior Intrusion Analyst
    LURHQ Corporation
    http://www.lurhq.com/
    
