Microsoft IIS 5.0 PROPFIND Remote DoS

Medium | Nessus Network Monitor Plugin ID 1703

Synopsis

The remote IIS web server has PROPFIND enabled.

Description

The remote IIS web server has PROPFIND enabled. There is at least one exploit that uses the PROPFIND vector to compromise IIS web servers.

Solution

Use URLScan to disable PROPFIND requests. In addition, ensure that all relevant IIS patches are installed on your system.

See Also

http://support.microsoft.com/support/kb/articles/Q241/5/20.ASP

Plugin Details

Severity: Medium

ID: 1703

Family: Web Servers

Published: 8/20/2004

Updated: 3/6/2019

Nessus ID: 10667

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:internet_information_server

Reference Information

CVE: CVE-2001-0151

BID: 2453