Summary
It was possible to disable the remote IIS server
by making a variation of a specially formed PROPFIND request.
An attacker, exploiting this vulnerability, would be able to render the web service useless. If the server is 'business critical', the impact could be high.
Solution
disable the WebDAV extensions, as well as the PROPFIND command See
http://support.microsoft.com/support/kb/articles/Q241/5/20.AS
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2001-0151 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities