Vulnerability in IIS 5.0

Microsoft just posted details on a new vulnerability in IIS 5.0. It exploits a buffer overflow condition in the part of the ntdll.dll component called by WebDAV. Read Microsoft's advisory to learn about patches and workarounds. The ISS X-Force advisory is helpful.