[unisog] IIS problem du jour

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Mon Mar 17 22:56:50 GMT 2003


On Mon, 17 Mar 2003 17:07:27 EST, Anderson Johnston said:
> 
> http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/b
ulletin/MS03-007.asp
> 
> An attack on IIS WebDAV.  The CAN reference given in the above URL is
> still under CVE editorial review.
> 
> 
> Has anyone see this wild?  Got any NIDS signatures for it?

Yes, it's in the wild - a 0-day nailed some .MIL servers.

http://www.msnbc.com/news/886524.asp?0cv=CB10

http://www.cert.org/advisories/CA-2003-09.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20030317/0fb84b4d/attachment-0007.bin


More information about the unisog mailing list