VULHUB ™

Microsoft IIS 5.x and 6.0 suffer from a denial of service vulnerability regarding the WebDAV XML parser. An attacker can craft a malicious WebDAV PROPFIND request, which uses XML attributes in a way that inflicts a denial of service condition on the target machine (IIS web server). The result of this attack is that the XML parser consumes all the CPU resources for a long period of time (from seconds to minutes, depending on the size of the payload).

Microsoft IIS 5.x and 6.0 suffer from a denial of service vulnerability regarding the WebDAV XML parser. An attacker can craft a malicious WebDAV PROPFIND request, which uses XML attributes in a way that inflicts a denial of service condition on the target machine (IIS web server). The result of this attack is that the XML parser consumes all the CPU resources for a long period of time (from seconds to minutes, depending on the size of the payload).