Oval Definition:	oval:org.mitre.oval:def:1330
Revision Date: 2011-05-16 Version: 20 Title: Windows 2000 IIS WebDAV Message Handler Denial of Service Vulnerability Description: The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of attributes. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2003-0718 Platform(s): Microsoft Windows 2000 Product(s): Microsoft Internet Information Server (IIS) Definition Synopsis Software section Windows 2000 (sp5 or earlier) is installed Windows 2000 is installed AND NOT Win2K/XP/2003 service pack 5 (or later) is installed AND the version of httpext.dll is less than 5.0.2195.6958 AND NOT the patch KB824151 is installed AND Configuration section NOT WebDav is disabled(for iis 5.0)
BACK