Home page logo

fulldisclosure logo Full Disclosure mailing list archives

MS04-030 WebDAV XML Parsing - Need Details
From: nirvana <karmic_nirvana () yahoo com>
Date: Wed, 13 Oct 2004 10:10:18 -0700 (PDT)

Hi List,
I've been trying to reproduce this vulnerability
(MS04-030) on my unpatched IIS. I am sending a request
with a element which has multiple/many attributes.
With my limited knowlegde of WebDAV, I think the
attributes per-element can be sent in two ways 
1.in one line, in the element tag only 
2.in multiple per attribute tags.

The request I am sending is something like this (XML
Data only from a PROPFIND Request, with multiple

<?xml version="1.0" encoding="utf-8" ?>
<D:propfind xmlns:D="DAV:">
  <D:prop xmlns:ns="DAV:"><ns:displayname/>

Plz feel free to rant me if I doin wrong :).


Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]