WebDAV is an extension of the HTTP protocol and by default installs
on Microsoft IIS 5.0. WebDav enables remote users to manage and collaboratively
edit files on remote web servers.
Microsoft IIS is subject to a denial of service attack. Because
WebDAV contains a flaw in the handling of certain malformed requests, an
attacker submitting multiple malformed WebDAV 'PROPFIND' requests
could cause the server to stop responding, leaving the server unable to accept
any new HTTP sessions.
The duration of the denial of service is dependant on the amount of time an
attacker would continuously send the request. Once the malformed requests come
to an end, the server will gain normal functionality.
This vulnerability has also been known to restart the IIS services.