Re: Article on WebDAV Vulnerability (MS03-007)

From: Kyle Lai (aladin168@hotmail.com)
Date: 03/25/03


From: Kyle Lai <aladin168@hotmail.com>
Date: Mon, 24 Mar 2003 15:40:23 -0800


Systems that have the patch applied should definitely use IISLockdown
and URLScan utilities to fully protect themselves from WebDAV and other
attacks.

URLScan and IISLockdown tools alone are not enough to protect against this
WebDAV vulnerability. If you want to read all the DLLs that were
affected without the patch, please refer to David Litchfield's paper;
the URL is referenced in KLC Consulting's article
http://www.klcconsulting.net/articles/webdav/webdav_vuln.htm

The KLC article will have on-going updates as new and critical
information becomes available.

If you use Nessus, the detection rule is available from the Nessus
site. It uses the "SEARCH" command to test for WebDAV vulnerabilities.

Cheers,
/Kyle

Kyle Lai, CISSP, CISA
KLC Consulting, Inc.
klai@klcconsulting.net
www.klcconsulting.net
