Inge Henriksen has posted an exploit on IIS 5.1 (WinXP IIS 5.1 only). The exploit is a new .dll exploit. There’s already alot of information on several blogs about this exploit and Microsoft should be informed about this.
A 0-day workaround would be to use URLScan to block for this exploit.
Read Inge Henriksens post: Inge Henriksen’s Technology Blog: Microsoft IIS Remote DoS .DLL Url exploit.
Read Bernard’s post about the exploit: Recent IIS 5.1 Remote Exploit.