Oval Definition:oval:org.mitre.oval:def:90
Revision Date:2011-05-16Version:19
Title:IIS Denial of Service via WebDAV
Description:IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2001-0151
Platform(s):Microsoft Windows 2000
Product(s):Microsoft Internet Information Server (IIS)
Definition Synopsis
  • Software section
  • IIS major version equals 5
  • AND IIS minor version equals 0
  • AND File %windir%\system32\inetsrv\httpext.dll version is less than 0.9.3940.20
  • AND NOT Patch Q291845 Installed
  • AND NOT Patch Q293826 Installed
  • AND NOT Patch Q301625 Installed
  • AND NOT Patch Q319733 Installed
  • AND NOT Patch Q327696 Installed
  • AND NOT Patch Q811114 Installed
  • AND NOT Win2K/XP/2003/Vista/2008 service pack 2 is installed
  • AND Configuration section
  • NOT WebDav is disabled(for iis 5.0)
    • BACK