?

Apr 05 2017

CVE-2017-7269 IIS_exploit

首頁 » 神器下載 » CVE-2017-7269 IIS_exploit   

CVE-2017-7269

[Description] Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.

[Additional Information] the ScStoragePathFromUrl function is called twice

[Vulnerability Type] Buffer overflow

[Vendor of Product] Microsoft

[Affected Product Code Base] Windows Server 2003 R2

[Affected Component] ScStoragePathFromUrl

[Attack Type] Remote

[Impact Code execution] true

[Attack Vectors] crafted PROPFIND data

[Has vendor confirmed or acknowledged the vulnerability?] true

[Discoverer] Zhiniang Peng and Chen Wu.

Information Security Lab & School of Computer Science & Engineering, South China University of Technology Guangzhou, China

https://github.com/edwardz246003/IIS_exploit/

 

如果您喜歡本博客,歡迎點擊圖片定訂閱到郵箱填寫您的郵件地址,訂閱我們的精彩內容:

正文部分到此結束

文章標簽:這篇文章木有標簽

版權聲明:若無特殊注明,本文皆為( mOon )原創,轉載請保留文章出處。

也許喜歡: «K8_Struts2_EXP+S2-045+&+任意文件上傳+20170309 | OWASP Xenotix XSS Exploit Framework V6.2 下載»

你腫么看?

你還可以輸入 250/250 個字

? 微笑 大笑 拽 大哭 親親 流汗 噴血 奸笑 囧 不爽 暈 示愛 害羞 吃驚 驚嘆 愛你 嚇死了 呵呵

評論信息框

這篇文章還沒有收到評論,趕緊來搶沙發吧~

?
?
河北11选5开奖