|
|
Microsoft IIS WebDAV PROPFIND and SEARCH Method Denial of Service Vulnerability
|
Bugtraq ID:
|
7735
|
|
Class:
|
Failure to Handle Exceptional Conditions
|
|
CVE:
|
CVE-2003-0226
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
May 28 2003 12:00AM
|
|
Updated:
|
Jul 11 2009 10:06PM
|
|
Credit:
|
Discovery is credited to SPI Labs <spilabs@spidynamics.com> and Mark Litchfield <mark@ngssoftware.com>.
|
|
Vulnerable:
|
Microsoft IIS 5.1
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP1
-
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Datacenter Server
-
Microsoft Windows 2000 Professional SP2
-
Microsoft Windows 2000 Professional SP1
-
Microsoft Windows 2000 Professional
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP1
-
Microsoft Windows 2000 Server
+
Microsoft Windows XP 64-bit Edition SP1
+
Microsoft Windows XP 64-bit Edition
+
Microsoft Windows XP 64-bit Edition
-
Microsoft Windows XP Home SP1
-
Microsoft Windows XP Home SP1
-
Microsoft Windows XP Home
-
Microsoft Windows XP Home
+
Microsoft Windows XP Professional SP1
+
Microsoft Windows XP Professional SP1
+
Microsoft Windows XP Professional
+
Microsoft Windows XP Professional
Microsoft IIS 5.0
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP1
-
Microsoft Windows 2000 Advanced Server SP1
+
Microsoft Windows 2000 Advanced Server
+
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Professional SP2
-
Microsoft Windows 2000 Professional SP2
-
Microsoft Windows 2000 Professional SP1
-
Microsoft Windows 2000 Professional SP1
+
Microsoft Windows 2000 Professional
+
Microsoft Windows 2000 Professional
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP1
-
Microsoft Windows 2000 Server SP1
+
Microsoft Windows 2000 Server
+
Microsoft Windows 2000 Server
|
|
|
|
Not Vulnerable:
|
Microsoft IIS 6.0
+
Microsoft Windows Server 2003 Datacenter Edition
+
Microsoft Windows Server 2003 Datacenter Edition
+
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+
Microsoft Windows Server 2003 Enterprise Edition
+
Microsoft Windows Server 2003 Enterprise Edition
+
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+
Microsoft Windows Server 2003 Standard Edition
+
Microsoft Windows Server 2003 Standard Edition
+
Microsoft Windows Server 2003 Web Edition
+
Microsoft Windows Server 2003 Web Edition
|
|
|
