-
March 18th, 2003, 10:01 AM
#1
Member
Microsoft WebDAV
Hi,
I am looking for a technical resource concerning the new MS WebDAV vulnerability found. For more information:
http://www.microsoft.com/technet/sec...n/MS03-007.asp
http://www.microsoft.com/security/se...s/ms03-007.asp
Any help would be mch appriciated.
Thanks in advance.
-
March 18th, 2003, 11:32 AM
#2
-
March 25th, 2003, 06:46 PM
#3
This is much bigger than WebDAV though. The original zero-day exploit of a U.S. Military computer happened to use WebDAV as the attack vector, but the root problem is function of a core system DLL.
Many applications and even other DLL's leverage this same DLL function so there are a multitude of potential attack vectors for exploiting this vulnerability. Some of the security firms have sounded the alarm, but it seems like Microsoft and the mainstream press are still focusing on WebDAV and IIS 5.0 which may give some a false sense of security.
Essentially, everyone with Windows 2000 should apply the patch for this flaw. Here are some references:
iDefense Article
NGSSoftware PDF File
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|