There has been a fair amount written on the vulnerability itself, but
there's a large cohort who has no idea if their systems are at risk
("What is WebDAV, and how do I know if I have or need it???").
So I've written a paper that lets one self-assess to see if this is
an issue or not, mainly with a flowchart the gets to a not-vulnerable
place reliably.
Those who find WebDAV enabled still have to find local experts to help
figure out if they have a problem or not, but this should help the bulk
of users who are not at risk.
I hope this is helpful.
Steve
--
Stephen J Friedl | Security Consultant | UNIX Wizard | 714 694-0494
steve (at) unixwiz (dot) net [email concealed] | Orange County, CA | Microsoft MVP | unixwiz.net
There has been a fair amount written on the vulnerability itself, but
there's a large cohort who has no idea if their systems are at risk
("What is WebDAV, and how do I know if I have or need it???").
So I've written a paper that lets one self-assess to see if this is
an issue or not, mainly with a flowchart the gets to a not-vulnerable
place reliably.
Unixwiz.net Tech Tip: Understanding Microsoft's KB971492 IIS5/IIS6 WebDAV Vulnerability
http://unixwiz.net/techtips/ms971492-webdav-vuln.html
Those who find WebDAV enabled still have to find local experts to help
figure out if they have a problem or not, but this should help the bulk
of users who are not at risk.
I hope this is helpful.
Steve
--
Stephen J Friedl | Security Consultant | UNIX Wizard | 714 694-0494
steve (at) unixwiz (dot) net [email concealed] | Orange County, CA | Microsoft MVP | unixwiz.net
[ reply ]