PROPFIND from WebDAV clients to IIS recently gets 405

Programming and Web Development Forums - IIS - About IIS Web Server Security Issues

Skip to content

PROPFIND from WebDAV clients to IIS recently gets 405

IIS
Post a reply

    Sponsored Links

    Next

  • 1. Authentication Question
    I am using Windows 2003 with IIS 6.0 and am trying to lock down one folder of my web site. I have gone into IIS then properties of the folder and select Directory Security. I removed the "Allow anonymous connection" and checked "Digest authentication for Domain servers". This allows me to login under one users name but not another. I have compared user groups and they are members of the same groups. If I deselect the "Digest authentication for Domain servers" and select "Basic authentication" I can login under both users. Any suggestions on what I might try would be appreciated. Thank you, Eric
  • 2. downloading updates to install
    I have downd loaded updates but they will not install
  • 3. URLScan and SQL Injection
    Can URLScan be used to disallow certain keywords in the query string? I'd like to disallow Select/Delete/Insert/Update for example. thanks, Chuck

PROPFIND from WebDAV clients to IIS recently gets 405

Postby Van Ly » Sun, 06 Mar 2005 16:40:29 GMT 

Hello,

I've been working with WebDAV on IIS 6 on a Windows 2003 Server box.  My 
client program and also other WebDAV clients such as DAVExplorer were able 
to connect and retrieve properties of files on the W03 box.

Recently our I.T. installed a bunch of security patches onto the box.  And 
the WebDAV clients that I use now get a 405 (Method Not Allowed) whenever 
they attempt a PROPFIND command on the server.  DAVExplorer actually 
doesn't even connect now since the first thing it normally does is to use 
PROPFIND to get a subdirectory listing.

Are there any settings on the Web share that I'm not aware of?  The Web 
share currently has Read/Write/Browse turned on.  The actual directory on 
an NTFS has Full Control granted to the "Users" group which should apply to 
all.

Thanks,
Van
Top

Similar Threads:

1.PROPFIND produces 405 - Method Not Allowed Error

2.propfind webdav 'sploit in 2003 iis 

Well,

some guy used webdav to change all the security settings 
on a brand new 2003 server install.

he created an admin account and disbabled access from the 
network for others.

I turned off anon access for ftp, which I can keep that 
way, and www, which I want anon access for eventually.

What else should I do?  Is there a patch out for this?  I 
ran windows update *prior* to this hack, and I've since 
run the baseline security analyzer.  I'm about as up to 
date as I can find.

TIA

Sample Log entry below

 2003-10-12 01:37:39 [ouripaddress] OPTIONS / - 80 - 
217.230.96.48 [<--dial up ip address not ours] Microsoft-
WebDAV-MiniRedir/5.1.2600 200 0 0
0 - 217.230.96.48 Microsoft-WebDAV-MiniRedir/5.1.2600 501 
0 0
#Software: Microsoft Internet Information Services 6.0

those times concurrent with the hack.

3.405 Error with WebDAV - affecting OWA 

We've recently run the transition pack to move from SBS Premium to
seperate components, all still on the same server at present. Since
doing so we've been unable to use the Outlook Web Access premium
client. I've tracked this down to IIS returning a 405 HTTP Verb is not
allowed when a HTTP SEARCH request is made to IIS. The log file for IIS
shows the following:

2006-08-22 14:45:41 192.168.234.1 GET
/exchweb/6.5.7651.25/controls/tf_Messages.xsl - 80 - 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
200 0 0
2006-08-22 14:45:41 192.168.234.1 SEARCH /exchange/richardba/Inbox/ -
80 rse\richardba 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
405 0 0
2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE
/exchange/richardba/Calendar - 80 - 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
401 2 2148074254
2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE
/exchange/richardba/Calendar - 80 rse\richardba 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
200 0 0
2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE /exchange/richardba/Tasks -
80 - 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
401 2 2148074254
2006-08-22 14:45:41 192.168.234.1 SUBSCRIBE /exchange/richardba/Tasks -
80 rse\richardba 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
200 0 0
2006-08-22 14:45:41 192.168.234.1 SEARCH /exchange/richardba/Calendar -
80 rse\richardba 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
405 0 0
2006-08-22 14:45:41 192.168.234.1 SEARCH /exchange/richardba/Tasks - 80
rse\richardba 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
405 0 0
2006-08-22 14:46:15 192.168.234.1 GET /exchange/ - 80 - 192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
401 2 2148074254
2006-08-22 14:46:15 192.168.234.1 GET /exchange/ - 80 rse\richardba
192.168.234.125
Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2)
200 0 0

I'm not sure as to whether this is an issue in IIS or with Exchange
(hence posting similar question here and Exchange newsgroup)
As far as I can work out SEARCH is a WebDAV request - what is the best
way of checking if WebDAV is working correctly? And does anyone have
any ideas on how to rectify this?

Thanks,
--Richard Burns-Allan

DipComp DipIT BSc(Hons) MBCS
MCSA(2000 & 2003) MCSE(NT4, 2000, 2003) Security+

IT Systems Engineer
Ross-shire Engineering Limited

4.Propfind /Admin$ 404 Microsoft-WebDav-Miniredir /5.1.2600 

I know I have been Hacked. I am trying to see were the 
hole is 
Does anyone know what vulnerabilty this is and how to 
patch it?

 "Propfind /Admin$ 404 Microsoft-WebDav-
Miniredir /5.1.2600"
Right under that in the same log file

"get /robots.txt -404 Mozilla/4.01 (compatible;+grub-
client-1.4.3;+crawl+your+own+Stuff+with=Http://grub.org

5.problem with webdav client Microsoft-WebDAV-MiniRedir 

Hi
I have a problem with web dav client for 
xp:Microsoft-WebDAV-MiniRedir/5.1.2600 
It does not show the displayname but the url of folder, which is not the same.
This is what happens:
I've mappen the web dav drive to my network places. If i open explorer, 
browse to networkplaces and click on the drive. The subfolders displayname 
get the last part of the url as displayname and not the <displayname> property
If i make a shortcut and then opens it through that path, it uses "Microsoft 
Data Access Internet Publishing Provider DAV" which displays it correctly.
They recieve exactly the same response 

Is there any fix for this, and if not, can i force a certain client to be 
used always?

6. How to Resolve an HTTP 405 Resource not allowed Error in IIS

7. HTTP 405 Error / How to enable POST in IIS 6.0 to allow jscript to run

8. When i try to save something in Sharepoint 2003, error IIS 405 occ

Post a reply

Return to IIS

 

Who is online

Users browsing this forum: No registered users and 79 guest

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group