Threat Post

A guide to the IIS WebDAV vulnerability

Even for the most experienced security professionals, understanding complex attacks and vulnerabilities sometimes can be a serious challenge. A perfect example is the recent Microsoft IIS WebDAV ...
Threat Post

Microsoft confirms flaw in WebDAV in IIS

Microsoft has confirmed the reported vulnerability in the WebDAV implementation in IIS 5.0, 5.1 and 6.0, saying that the flaw could be used to bypass the authentication mechanism on the Web server.
Bleeping Computer

New IIS 6.0 Zero-Day Exploited in Live Attacks Since July 2016

Since July 2016, attackers have been using a zero-day in IIS 6.0 to compromise and take over Windows servers. The zero-day was discovered by two Chinese researchers from the Information Security Lab & ...
Dark Reading

Zero-Day IIS Vuln Bypasses Authentication

Windows sysadmins responsible for servers running Microsoft Internet Information Services (IIS) received an unexpected surprise last Friday afternoon--or first thing this morning--in the form of a ...
Ars Technica

WebDAV troubles

I've set up a WebDAV via clear text auth with 128bit SSL on my server. "Web Folders" work on XP and I'm able to upload/download files. From reading the description of WebDAV I should be able to set ...