IIS 6.0 PUT uploading arbitrary files creates a vulnerability
require
1. IIS Server enables WebDAV in the Web service extension.
2. IIS is configured with write permissions, including website
1. root directory
2. Subfolders
3. iis website properties directory tab write permissions