A 0-day authentication bypass vulnerability has been reported in IIS6, and is being actively exploited in the wild.
IIS 6 implementation running WebDAV
Attackers could access any file on the system. By virtue of 'any' file, attackers could possibly run arbitrary code if they have access to the right file (such as cmd.exe).
If possible, Disable WebDAV - systems like SharePoint rely on WebDAV so this is not always a suitable technique. No other workarounds are available at this time.
IIS 7 has not been identified as affected at this time. There have been confirmed exploits used in the wild. Proof of concept code has been posted to milw0rm: http://www.milw0rm.com/
‘Possible authentication bypass vulnerability in IIS6’ (http://www.auscert.org.au/render.html?it=11001)
Microsoft has released an advisory regarding this vulnerability in IIS 6.0. Please review the following article for additional information and mitigating factors: