Microsoft CVE-2018-8175: WEBDAV Denial of Service Vulnerability
Description
A denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory. An attacker who successfully exploited the vulnerability could cause a denial of service. To exploit the vulnerability, an attacker could host a specially crafted website and then convince a user to browse to it, which would cause the victim's system to stop responding. However, an attacker could not force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's WEBDAV directory. The security update addresses the vulnerability by correcting how Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory.
Solution(s)
- msft-kb4284819-09802fac-5d82-4589-9da1-a1b16f7516c6
- msft-kb4284819-12056057-df80-4f20-a9f8-c8b9bd18ccd6
- msft-kb4284819-af7712ab-eaad-4b7d-8b8e-2a060c2bfe53
- msft-kb4284835-3c78a800-e801-4176-a748-b741cf1f302a
- msft-kb4284835-f0914666-2046-4a90-8eeb-2a49b3a2d663
- msft-kb4284835-f74f5aaf-95df-4818-8df0-2986a9d1a34e
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center