[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20090527195150.GA15167@dcent.unixwiz.lan>
Date: Wed, 27 May 2009 12:51:50 -0700
From: Steve Friedl <steve@...xwiz.net>
To: bugtraq@...urityfocus.com
Subject: New paper: Understanding Microsoft's KB971492 IIS WebDAV Vuln
Hello all,
There has been a fair amount written on the vulnerability itself, but
there's a large cohort who has no idea if their systems are at risk
("What is WebDAV, and how do I know if I have or need it???").
So I've written a paper that lets one self-assess to see if this is
an issue or not, mainly with a flowchart the gets to a not-vulnerable
place reliably.
Unixwiz.net Tech Tip: Understanding Microsoft's KB971492 IIS5/IIS6 WebDAV Vulnerability
http://unixwiz.net/techtips/ms971492-webdav-vuln.html
Those who find WebDAV enabled still have to find local experts to help
figure out if they have a problem or not, but this should help the bulk
of users who are not at risk.
I hope this is helpful.
Steve
--
Stephen J Friedl | Security Consultant | UNIX Wizard | 714 694-0494
steve@...xwiz.net | Orange County, CA | Microsoft MVP | unixwiz.net
Powered by blists - more mailing lists