IIS 6.0 Remote Code Execution CVE-2017-7269 Scanner

Details

Stay Up To Date

Follow @secforeveryone

Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

IIS 6.0 Remote Code Execution CVE-2017-7269 Scanner Detail

There is a remote code execution vulnerability in IIS 6.0.

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.

http://www.securityfocus.com/bid/97127
http://www.securitytracker.com/id/1038168
https://0patch.blogspot.com/2017/03/0patching-immortal-cve-2017-7269.html
https://github.com/danigargu/explodingcan
https://github.com/edwardz246003/IIS_exploit
https://github.com/rapid7/metasploit-framework/pull/8162
https://medium.com/@iraklis/number-of-internet-facing-vulnerable-iis-6-0-to-cve-2017-7269-8bd153ef5812
https://support.microsoft.com/en-us/help/3197835/description-of-the-security-update-for-windows-xp-and-windows-server
https://www.exploit-db.com/exploits/41738/
https://www.exploit-db.com/exploits/41992/

Some Advice for Common Problems

Update your IIS service, to the latest version to eliminate this vulnerability.