Intrusion Prevention



This indicates a buffer overflow vulnerability in Microsoft Internet Information Service (IIS) version 5.0 with WebDAV enabled.

IIS 5.0 supports the Distributed Authoring and Versioning (DAV) extensions of the HTTP protocol as defined in RFC 2518. By default, the entire Web space of IIS is capable of responding to WebDAV requests. Due to inadequate boundary checking, a remote attacker can cause buffer overflow on a target system by passing it a specially-crafted URL request.

Affected Products

Unprotected Windows 2000 or Windows NT 4.0 systems have IIS 5 with WebDAV enabled are vulnerable to the attack.


The attacker can gain remote access to the victim system and execute arbitrary code on it.

Recommended Actions

Apply appropriate patches or upgrade the system to the latest non-vulnerable version

Disable WebDAV unless absolutely required.

CVE References


Other References

1 1