Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

iisDoS.txt

🗓️ 29 May 2003 00:00:00Reported by SPI LabsType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 35 Views

IIS 5.0 Denial of Service due to Webdav requests over 49,153 bytes. Apply patch to remediate.

Code
`Internet Information Services 5.0 Denial of service  
  
[Release Date] May 29th, 2003  
Severity: High  
  
[Systems Affected]  
* Microsoft Information Server 5.0  
* Microsoft Information Server 5.1  
  
[Description]  
  
If an attacker sends a Webdav request with a body over 49,153 bytes  
using the 'PROPFIND' or 'SEARCH' request methods, IIS will be forced  
to restart itself. All web server, email, and active ftp connections  
will be terminated, along with a disruption of future sessions during  
the time it takes IIS to restart. The complete advisory is also available  
from our  
website at: http://www.spidynamics.com/iis_alert.html  
  
[Remediation]  
Please install the vendor-supplied patch located at  
http://www.microsoft.com/technet/security/bulletin/MS03-018.asp  
  
[Contact Information]  
  
SPI Labs  
SPI Dynamics R&D Team  
[email protected]  
115 Perimeter Center Place  
Suite 270  
Atlanta, GA 30346  
Phone: (678)781-4800  
Toll-Free Phone: (866)774-2700  
  
  
SPI Dynamics was founded in 2000 by a team of accomplished Web security  
specialists;  
SPI Dynamics is the leader in Web application security technology. With such  
signature  
products as WebInspect, SPI Dynamics is dedicated to protecting companies'  
most valuable  
assets. SPI Dynamics has created a new breed of Internet security products  
for the Web  
application, the most vulnerable yet least secure component of online  
business infrastructure.  
  
Copyright (c) 2003 SPI Dynamics, Inc. All rights reserved worldwide.  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
29 May 2003 00:00Current
7.4High risk
Vulners AI Score7.4
denial of servicewebdav requestmicrosoft information serverhigh severitysystem remediation
35