Internet Information Services 5.0 Denial of service [Release Date] May 29th, 2003 Severity: High [Systems Affected] * Microsoft Information Server 5.0 * Microsoft Information Server 5.1 [Description] If an attacker sends a Webdav request with a body over 49,153 bytes using the 'PROPFIND' or 'SEARCH' request methods, IIS will be forced to restart itself. All web server, email, and active ftp connections will be terminated, along with a disruption of future sessions during the time it takes IIS to restart. The complete advisory is also available from our website at: http://www.spidynamics.com/iis_alert.html [Remediation] Please install the vendor-supplied patch located at http://www.microsoft.com/technet/security/bulletin/MS03-018.asp [Contact Information] SPI Labs SPI Dynamics R&D Team spilabs@spidynamics.com 115 Perimeter Center Place Suite 270 Atlanta, GA 30346 Phone: (678)781-4800 Toll-Free Phone: (866)774-2700 SPI Dynamics was founded in 2000 by a team of accomplished Web security specialists; SPI Dynamics is the leader in Web application security technology. With such signature products as WebInspect, SPI Dynamics is dedicated to protecting companies' most valuable assets. SPI Dynamics has created a new breed of Internet security products for the Web application, the most vulnerable yet least secure component of online business infrastructure. Copyright (c) 2003 SPI Dynamics, Inc. All rights reserved worldwide.