Welcome To The Home Of The Visual FoxPro Experts  
home. signup. forum. archives. search. google. articles. downloads. faq. members. weblogs. file info. rss.
 From: Stefan Wuebbe
  Where is Stefan Wuebbe?
 Hamburg
 Germany
 Stefan Wuebbe
 To: Ammar Hadi
  Where is Ammar Hadi?
 Al-Samawah
 Iraq
 Ammar Hadi
 Tags
Subject: RE: WebDAV Security hole in IIS 6.0
Thread ID: 228327 Message ID: 228530 # Views: 1 # Ratings: 0
Version: Not Applicable Category: Security and Application Protection
Date: Tuesday, May 19, 2009 5:04:32 PM         
   


> > For what it's worth, a (not so) new security issue in Microsoft Internet Information Services IIS 6.0 has been discovered.
> > Probably only interesting for the Web Application admins among us:
> >
> > http://www.h-online.com/security/Security-hole-in-IIS-6-0--/news/113303
> >
> > "WebDAV is not enabled by default. Those who have activated it should disable it, or deny remote accesses from the internet
> > until further information and a solution to this problem have become available."
> >
> >
> > Regards
> > -Stefan
>
> Hi Stefan,
>
> I want to ask a question although am not a (Web Application admin), am just a curious guy :-).
>
> There is IIS 7.0 that run on Vista. Did they fixed that (hole)?
>
Hi Ammar,

In the meantime, MS confirmed the issue: "Microsoft says that versions 5.0 and 5.1 are affected in addition to version 6.0, though the error is not present in IIS 7.0".

http://www.h-online.com/security/Microsoft-confirms-vulnerability-in-Internet-Information-Server--/news/113318


Regards
-Stefan

ENTIRE THREAD

WebDAV Security hole in IIS 6.0 Posted by Stefan Wuebbe @ 5/18/2009 10:44:39 AM
RE: WebDAV Security hole in IIS 6.0 Posted by Ammar Hadi @ 5/18/2009 4:50:49 PM
RE: WebDAV Security hole in IIS 6.0 Posted by Stefan Wuebbe @ 5/18/2009 6:48:11 PM
RE: WebDAV Security hole in IIS 6.0 Posted by Ammar Hadi @ 5/18/2009 6:59:38 PM
RE: WebDAV Security hole in IIS 6.0 Posted by Stefan Wuebbe @ 5/19/2009 5:04:32 PM
RE: WebDAV Security hole in IIS 6.0 Posted by Ammar Hadi @ 5/20/2009 11:04:03 AM