COMMAND

    WebDAV

SYSTEMS AFFECTED

    WebDAV

PROBLEM

    The following is based on Microsoft Security Bulletin MS01-022.
    The Microsoft Data  Access Component Internet  Publishing Provider
    provides access to WebDAV resources over the Internet.  By design,
    it should differentiate between requests made by a user and  those
    made by a script running in the user's browser.  However,  because
    of an implementation flaw, it handles all requests in the security
    context of the user.  As a result, if a user browsed to a web page
    or opened an HTML e-mail that contained script, that script  could
    access web-based resources as the user.

    The specific actions an attacker could take via this vulnerability
    would depend on the Web-based resources available to the user, and
    the user's  privileges on  them. However,  it is  likely that at a
    minimum,  the  attacker  could  browse  the  user's  intranet, and
    potentially access web-based e-mail as well.

    Mitigating Factors:
    - The  attacker   would  need  to   possess  significant    inside
      information in order to carry  out a successful attack, such  as
      server  names,  folder  structures,  and  other user and network
      specific  information.   This  vulnerability  would therefore be
      most likely used as part of an insider attack.
    - The  vulnerability could  not be  exploited against  stand-alone
      machines.
    - The vulnerability could not be exploited if Active Scripting was
      disabled in the Security Zone the script opened in.
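
    The last mitigating factor can be checked per zone. The following is an
    added example, not part of the bulletin: it reads the Internet Explorer
    URL action 1400 (Active Scripting) for each security zone. The lookup
    order (machine policy, user policy, user preference, machine default) is
    an assumption about typical precedence, and the function name is
    hypothetical.

```powershell
# Added example: report the Active Scripting setting (URL action 1400)
# for each Internet Explorer security zone on the local machine.
$zoneNames = 'My Computer', 'Local intranet', 'Trusted sites', 'Internet', 'Restricted sites'
$meaning   = @{ 0 = 'Enabled'; 1 = 'Prompt'; 3 = 'Disabled' }
$suffix    = 'Microsoft\Windows\CurrentVersion\Internet Settings\Zones'

# Assumed precedence: the first location that defines the value wins.
$roots = @(
    "HKLM:\Software\Policies\$suffix",
    "HKCU:\Software\Policies\$suffix",
    "HKCU:\Software\$suffix",
    "HKLM:\Software\$suffix"
)

function Get-ActiveScriptingSetting {
    param([int]$Zone)
    foreach ($root in $roots) {
        $key   = "$root\$Zone"
        $value = (Get-ItemProperty -Path $key -Name '1400' -ErrorAction SilentlyContinue).'1400'
        if ($null -ne $value) {
            $text = $meaning[[int]$value]
            if (-not $text) { $text = "Unrecognized ($value)" }
            return [pscustomobject]@{
                Zone     = $zoneNames[$Zone]
                Setting  = $text
                Source   = $key
                # The mitigating factor applies only when scripting is disabled.
                Mitigated = ([int]$value -eq 3)
            }
        }
    }
    # No explicit value found in any location: the built-in default applies.
    [pscustomobject]@{
        Zone      = $zoneNames[$Zone]
        Setting   = 'Not set (default applies)'
        Source    = 'none'
        Mitigated = $false
    }
}

0..4 | ForEach-Object { Get-ActiveScriptingSetting -Zone $_ } | Format-Table -AutoSize
```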

SOLUTION

    A patch is available to  fix this vulnerability.  Please  read the
    Security Bulletin:

        http://www.microsoft.com/technet/security/bulletin/ms01-022.asp

    for information on obtaining this patch.