Added: 07/18/2006
CVE: CVE-2003-0109
BID: 7116
OSVDB: 4467
The dynamic link library **ntdll.dll**
is a core component of the Windows operating system. It is used by many operating system components including the WebDAV component of Microsoft IIS.
A buffer overflow in **ntdll.dll**
allows remote attackers to execute arbitrary commands with LocalSystem privileges by sending a long, specially crafted WebDAV request to IIS 5.0.
Apply the patch referenced in Microsoft Security Bulletin 03-007.
<http://www.cert.org/advisories/CA-2003-09.html>
Exploit works on Windows 2000 running IIS 5.0 web server with WebDAV enabled. Failure may cause the web service to become unresponsive but still remain listening.