2000 server exploit, webDAV
From: owen johnson (o@bluecoat.com)
Date: 03/18/03
- Next message: Steve: "help - lastest security patch killed my server"
- Previous message: Ian Cook: "Re: Microsoft's latest Security update M03-007"
- Next in thread: BlueSeptember: "Re: 2000 server exploit, webDAV"
- Reply: BlueSeptember: "Re: 2000 server exploit, webDAV"
- Reply: Roger Abell [MVP]: "Re: 2000 server exploit, webDAV"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "owen johnson" <o@bluecoat.com> Date: Tue, 18 Mar 2003 11:19:05 -0800
I would like to adjust our network to filter for the new
2000 server exploit.
Has Microsoft or anyone else released a request
signature/finger-print for this issue? Specifically, an
example of the HTTP Request headers from a packet
capture.
This would be a HUGE help.
Here's a snippet from the trusecure site:
Summary:
Credible sources indicate that an exploit exists to
compromise IIS
5.0 servers on Windows 2000 including all service packs.
This
exploits an unchecked buffer in the World Wide Web
Distributed
Authoring and Versioning (WebDAV) protocol
http://www.microsoft.com/technet/treeview/default.asp?
url=/technet/security/
bulletin/MS03-007.asp
- Next message: Steve: "help - lastest security patch killed my server"
- Previous message: Ian Cook: "Re: Microsoft's latest Security update M03-007"
- Next in thread: BlueSeptember: "Re: 2000 server exploit, webDAV"
- Reply: BlueSeptember: "Re: 2000 server exploit, webDAV"
- Reply: Roger Abell [MVP]: "Re: 2000 server exploit, webDAV"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
