Denial of Service : Microsoft IIS 5.0 WebDav Memory Leakage Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.10732

Categoría: Denial of Service

Título: Microsoft IIS 5.0 WebDav Memory Leakage Vulnerability - Active Check

Resumen: The WebDav extensions (httpext.dll) for Internet Information; Server 5.0 contains a flaw that may allow a malicious user to consume all available memory on; the target server by sending many requests using the LOCK method associated to a non; existing filename.;; This concern not only IIS but the entire system since the flaw can; potentially exhausts all system memory available.

Descripción: Summary:
The WebDav extensions (httpext.dll) for Internet Information
Server 5.0 contains a flaw that may allow a malicious user to consume all available memory on
the target server by sending many requests using the LOCK method associated to a non
existing filename.

This concern not only IIS but the entire system since the flaw can
potentially exhausts all system memory available.

Affected Software/OS:
Vulnerable systems: IIS 5.0 (httpext.dll versions prior to 0.9.3940.21)

Immune systems: IIS 5 SP2 (httpext.dll version 0.9.3940.21)

Solution:
Download Service Pack 2/hotfixes from Microsoft.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2001-0337
Microsoft Security Bulletin: MS01-026
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026

Copyright Copyright (C) 2001 INTRANODE

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.10732
Categoría:	Denial of Service
Título:	Microsoft IIS 5.0 WebDav Memory Leakage Vulnerability - Active Check
Resumen:	The WebDav extensions (httpext.dll) for Internet Information; Server 5.0 contains a flaw that may allow a malicious user to consume all available memory on; the target server by sending many requests using the LOCK method associated to a non; existing filename.;; This concern not only IIS but the entire system since the flaw can; potentially exhausts all system memory available.
Descripción:	Summary: The WebDav extensions (httpext.dll) for Internet Information Server 5.0 contains a flaw that may allow a malicious user to consume all available memory on the target server by sending many requests using the LOCK method associated to a non existing filename. This concern not only IIS but the entire system since the flaw can potentially exhausts all system memory available. Affected Software/OS: Vulnerable systems: IIS 5.0 (httpext.dll versions prior to 0.9.3940.21) Immune systems: IIS 5 SP2 (httpext.dll version 0.9.3940.21) Solution: Download Service Pack 2/hotfixes from Microsoft. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2001-0337 Microsoft Security Bulletin: MS01-026 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-026
Copyright	Copyright (C) 2001 INTRANODE