Signature Detail

HTTP: PUT Method Attempt

This signature detects attempts to use the "PUT" method to modify the contents of a Web page. The "PUT" method is a part of the WebDAV standard for remote content editing. A poorly configured Web server can mistakenly provide remote access to the "PUT" method without requiring any form of login. This common mistake is sometimes abused by attackers to deface Web sites. If you see this alert, verify that the Web site in question has WebDAV disabled or configured properly.

Extended Description

Successful exploitation of the vulnerability could allow a remote attacker to deface a web server, and to upload malicious files.

References

• URL: http://asg.web.cmu.edu/rfc/rfc2518.html
• URL: http://isc.sans.org/diary.php?date=2004-09-20
• URL: http://en.wikipedia.org/wiki/WebDAV