Threat Post

Microsoft confirms flaw in WebDAV in IIS

Microsoft has confirmed the reported vulnerability in the WebDAV implementation in IIS 5.0, 5.1 and 6.0, saying that the flaw could be used to bypass the authentication mechanism on the Web server.
ZDNet

Alert: Critical WebDAV flaw exposes Win2K systems running IIS 5.0

Microsoft and administrators alike are learning in the worst possible way about a newly discovered buffer overrun vulnerability in the World Wide Web Distributed Authoring and Versioning (WebDAV) ...
Threat Post

A guide to the IIS WebDAV vulnerability

Even for the most experienced security professionals, understanding complex attacks and vulnerabilities sometimes can be a serious challenge. A perfect example is the recent Microsoft IIS WebDAV ...
Ars Technica

Microsoft warns of security flaw in IIS

Microsoft yesterday posted Security Advisory 971492, which contains information regarding a vulnerability in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0. Microsoft describes the ...