
ITSS-Advisory : MEDIUM : Microsoft : IIS 6 with WebDAV (SharePoint) vulnerability: Potentially unauthenticated remote access and code execution

THREAT LEVEL
============
Medium

INFORMATION
===========
Product: Microsoft IIS
Impact: Execute Arbitrary Code/Commands
        Access Privileged Data
Access: Remote/Unauthenticated
Ref: AL-2009.0041

AFFECTED PLATFORMS
==================
Operating System: Windows systems serving IIS with WebDAV functions (critical for SharePoint)

WebDAV is not enabled in the default configuration of IIS 6.0. Unless WebDAV has been enabled by an administrator on these systems, the vulnerability is present, but not exposed.
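One way to inventory which of your own IIS 6.0 servers have WebDAV switched on, as an added example that is not part of the original advisory: it classifies the headers of an HTTP OPTIONS response. The function names and sample headers are constructed for illustration, and it assumes a WebDAV-enabled server advertises itself through the standard `DAV` header, `MS-Author-Via`, or WebDAV methods in `Allow`/`Public`.

```python
import http.client

# WebDAV methods defined by RFC 4918; any of these in Allow/Public is a signal.
DAV_METHODS = {"PROPFIND", "PROPPATCH", "MKCOL", "COPY", "MOVE", "LOCK", "UNLOCK"}

def webdav_exposure(headers):
    """Classify OPTIONS response headers given as (name, value) pairs."""
    merged = {}
    for name, value in headers:
        key = name.strip().lower()
        # Repeated header fields are joined, as HTTP permits for list values.
        merged[key] = (merged[key] + ", " + value) if key in merged else value
    evidence = []
    if merged.get("dav", "").strip():
        evidence.append("DAV: " + merged["dav"].strip())
    if "dav" in merged.get("ms-author-via", "").lower():
        evidence.append("MS-Author-Via: " + merged["ms-author-via"].strip())
    offered = set()
    for field in ("allow", "public"):
        offered.update(m.strip().upper() for m in merged.get(field, "").split(","))
    dav_methods = sorted(offered & DAV_METHODS)
    if dav_methods:
        evidence.append("methods: " + ", ".join(dav_methods))
    iis6 = "microsoft-iis/6.0" in merged.get("server", "").lower()
    return {"iis6": iis6, "webdav": bool(evidence),
            "exposed": iis6 and bool(evidence), "evidence": evidence}

def check_host(host, port=80, path="/", timeout=5):
    """Send OPTIONS to a server you administer and classify the reply."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("OPTIONS", path)
        return webdav_exposure(conn.getresponse().getheaders())
    finally:
        conn.close()

# Constructed sample headers (not captured from a real server).
SAMPLE_DAV_ON = [("Server", "Microsoft-IIS/6.0"), ("DAV", "1, 2"),
                 ("MS-Author-Via", "DAV"),
                 ("Allow", "OPTIONS, TRACE, GET, HEAD, PROPFIND, LOCK, UNLOCK")]
SAMPLE_DAV_OFF = [("Server", "Microsoft-IIS/6.0"),
                  ("Allow", "OPTIONS, TRACE, GET, HEAD")]

if __name__ == "__main__":
    for label, sample in (("on", SAMPLE_DAV_ON), ("off", SAMPLE_DAV_OFF)):
        print(label, webdav_exposure(sample))
```

A clean result for one path does not prove WebDAV is off for the whole site; confirm against the server's own configuration.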

ACTION
======

Original Bulletin:
http://www.microsoft.com/technet/security/advisory/971492.mspx

Microsoft has released a bulletin regarding the new IIS vulnerabilities. It is available at:
http://www.microsoft.com/technet/security/advisory/971492.mspx

A fix is not yet available. However, the vulnerability does not bypass the underlying file system access control lists, so the issue can be further mitigated by applying strict access controls for the anonymous web user.
More information on this is available at the above URL and in the following Microsoft Knowledge Base articles:

http://support.microsoft.com/?id=271071
http://support.microsoft.com/kb/812614/

Administrators of affected computer systems are advised to review the
bulletins, test and apply relevant mitigation strategies and updates.

References:
http://support.microsoft.com/?id=271071
http://support.microsoft.com/kb/812614/
http://www.microsoft.com/technet/security/advisory/971492.mspx
