Microsoft IIS 5.0 PROPFIND Remote DoS

Medium Nessus Network Monitor Plugin ID 1703

Synopsis

The remote IIS web server has PROPFIND enabled.

Description

The remote IIS web server has PROPFIND enabled. At least one known exploit uses the PROPFIND method as its vector to compromise IIS web servers.

Solution

Use URLScan to disable PROPFIND requests. In addition, ensure that all relevant IIS patches are installed on the system.

See Also

http://support.microsoft.com/support/kb/articles/Q241/5/20.ASP

Plugin Details

Severity: Medium

ID: 1703

Family: Web Servers

Published: 2004/08/20

Modified: 2018/07/11

Dependencies: 1724

Nessus ID: 10667

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 4.9

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:internet_information_server

Reference Information

CVE: CVE-2001-0151

BID: 2453