{"vuid":"VU#959211","idnumber":"959211","name":"Microsoft IIS vulnerable to DoS via invalid request for very long WebDAV requests","keywords":["Microsoft Internet Information Server","IIS","WebDAV","DoS","denial of service","very long","invalid request","MS01-044"],"overview":"Intruders can disrupt the normal operation of an IIS 5.0 server using a malicious Web Distributed Authoring and Versioning (WebDAV) request.","clean_desc":"WebDAV is an extension to HTTP used to manage content on web servers. Quoting from RFC 2518: [WebDAV is] an extension to the HTTP/1.1 protocol that allows clients to perform remote web content authoring operations. This extension provides a coherent set of methods, headers, request entity body formats, and response entity body formats that provide operations for: Properties [...], Collections [... and], Namespace Operations. A vulnerability in the Microsoft implementation of WebDAV can be used to disrupt IIS 5.0. Quoting from MS01-044, A denial of service vulnerability [exists] that could enable an attacker to temporarily disrupt service on an IIS 5.0 web server. WebDAV doesn't correctly handle [a] particular type of very long, invalid request. Such a request would cause the IIS 5.0 service to fail; by default, it would automatically restart. WebDAV is installed and operational by default on Microsoft IIS 5.0. This does not affect IIS 4.0 servers.","impact":"An intruder can cause the IIS 5.0 service to fail. It will restart by default.","resolution":"Apply a patch as described in MS01-044.\nThis is a cumulative patch that addresses a number of security problems discovered prior to August 15, 2001.","workarounds":"","sysaffected":"","thanks":"","author":"This document was written by Shawn Hernan, based upon information in Microsoft Security Bulletin MS01-044.","public":["http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms01-044.asp","http://www.securityfocus.com/bid/3194","http://www.ietf.org/rfc/rfc2518.txt"],"cveids":["CVE-2001-0508"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-08-16T13:56:18Z","publicdate":"2001-08-15T00:00:00Z","datefirstpublished":"2001-09-18T21:07:25Z","dateupdated":"2001-09-18T21:07:27Z","revision":11,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"18","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"8","cam_easeofexploitation":"10","cam_attackeraccessrequired":"20","cam_scorecurrent":"12.6","cam_scorecurrentwidelyknown":"13.5","cam_scorecurrentwidelyknownexploited":"22.5","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":12.6,"vulnote":null}