Hi, I'm not sure, but I think the CVE reference in this plugin (id 10685) is incorrect. It references CVE-2001-0508 Vulnerability in IIS 5.0 allows remote attackers to cause a denial of service (restart) via a long, invalid WebDAV request. This doesn't seem to match the test that the plugin is doing. Having looked around, this looks like the best match: CVE-2001-0500 Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red. Have I got the wrong end of the stick? Paul -- Paul Johnston Internet Security Specialist Westpoint Limited Albion Wharf, 19 Albion Street, Manchester, M1 5LN England Tel: +44 (0)161 237 1028 Fax: +44 (0)161 237 1031 email: paulat_private web: www.westpoint.ltd.uk
This archive was generated by hypermail 2b30 : Tue Apr 22 2003 - 04:42:19 PDT