Bugtraq mailing list archives
New paper: Understanding Microsoft's KB971492 IIS WebDAV Vuln
From: Steve Friedl <steve () unixwiz net>
Date: Wed, 27 May 2009 12:51:50 -0700
Hello all, There has been a fair amount written on the vulnerability itself, but there's a large cohort who has no idea if their systems are at risk ("What is WebDAV, and how do I know if I have or need it???"). So I've written a paper that lets one self-assess to see if this is an issue or not, mainly with a flowchart the gets to a not-vulnerable place reliably. Unixwiz.net Tech Tip: Understanding Microsoft's KB971492 IIS5/IIS6 WebDAV Vulnerability http://unixwiz.net/techtips/ms971492-webdav-vuln.html Those who find WebDAV enabled still have to find local experts to help figure out if they have a problem or not, but this should help the bulk of users who are not at risk. I hope this is helpful. Steve -- Stephen J Friedl | Security Consultant | UNIX Wizard | 714 694-0494 steve () unixwiz net | Orange County, CA | Microsoft MVP | unixwiz.net
Current thread:
- New paper: Understanding Microsoft's KB971492 IIS WebDAV Vuln Steve Friedl (May 27)