Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Microsoft IIS 5.0 PROPFIND Remote DoS

Medium

Synopsis

The remote IIS web server has PROPFIND enabled.

Description

The remote IIS web server has PROPFIND enabled. There is at least one exploit which utilizes the PROPFIND vector in order to compromise IIS web servers.

Solution

Use URLSCAN to disable PROPFIND requests. In addition, ensure that your system has installed all relevant IIS patches.