[CVE-2017-7269] Microsoft Windows Server Buffer Overflow Vulnerability

NVD 상세 정보

설명: Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If:

CWE: CWE-120 | CWE-120

참조

• http://www.securityfocus.com/bid/97127 [Broken Link, Third Party Advisory, VDB Entry]
• http://www.securitytracker.com/id/1038168 [Broken Link, Third Party Advisory, VDB Entry]
• https://0patch.blogspot.com/2017/03/0patching-immortal-cve-2017-7269.html [Exploit, Third Party Advisory]
• https://github.com/danigargu/explodingcan [Exploit]
• https://github.com/edwardz246003/IIS_exploit [Broken Link, Third Party Advisory]
• https://github.com/rapid7/metasploit-framework/pull/8162 [Issue Tracking, Patch]
• https://medium.com/%40iraklis/number-of-internet-facing-vulnerable-iis-6-0-to-cve-2017-7269-8bd153ef5812 [Exploit]
• https://support.microsoft.com/en-us/help/3197835/description-of-the-security-update-for-windows-xp-and-windows-server [Broken Link, Patch, Vendor Advisory]
• https://www.exploit-db.com/exploits/41738/ [Exploit, Third Party Advisory, VDB Entry]
• https://www.exploit-db.com/exploits/41992/ [Exploit, Third Party Advisory, VDB Entry]
• http://www.securityfocus.com/bid/97127 [Broken Link, Third Party Advisory, VDB Entry]
• http://www.securitytracker.com/id/1038168 [Broken Link, Third Party Advisory, VDB Entry]
• https://0patch.blogspot.com/2017/03/0patching-immortal-cve-2017-7269.html [Exploit, Third Party Advisory]
• https://github.com/danigargu/explodingcan [Exploit]
• https://github.com/edwardz246003/IIS_exploit [Broken Link, Third Party Advisory]
• ... 외 6건