2023-11-23 15:24:42 +00:00
id : CVE-2015-1635
2024-02-28 06:17:24 +00:00
2023-11-23 15:24:42 +00:00
info :
2024-02-28 06:17:24 +00:00
name : Microsoft Windows 'HTTP.sys' - Remote Code Execution
2023-11-23 15:24:42 +00:00
author : Phillipo
2023-11-28 14:26:36 +00:00
severity : critical
2024-02-28 06:17:24 +00:00
description : |
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
2023-11-23 15:24:42 +00:00
reference :
- https://www.exploit-db.com/exploits/36773
- https://www.securitysift.com/an-analysis-of-ms15-034/
2024-02-28 06:17:24 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2015-1635
2024-03-23 09:28:19 +00:00
- http://www.securitytracker.com/id/1032109
- https://github.com/b1gbroth3r/shoMe
2023-11-23 15:24:42 +00:00
classification :
2024-03-14 14:44:19 +00:00
cvss-metrics : CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
2024-03-23 09:28:19 +00:00
cvss-score : 10
2023-11-23 15:24:42 +00:00
cve-id : CVE-2015-1635
2024-03-23 09:28:19 +00:00
cwe-id : CWE-94
epss-score : 0.97537
2024-04-08 11:34:33 +00:00
epss-percentile : 0.99992
2024-02-28 06:17:24 +00:00
cpe : cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
metadata :
verified : true
2024-03-23 09:28:19 +00:00
max-request : 1
2024-02-28 06:17:24 +00:00
vendor : microsoft
product : windows_7
shodan-query : '"Microsoft-IIS" "2015"'
tags : cve,cve2015,kev,microsoft,iis,rce
2023-11-23 15:24:42 +00:00
2024-02-12 15:47:31 +00:00
http :
2023-11-28 14:26:36 +00:00
- method : GET
path :
2024-02-12 15:47:31 +00:00
- "{{BaseURL}}"
2023-11-28 14:26:36 +00:00
headers :
Range : "bytes=0-18446744073709551615"
2023-11-23 15:24:42 +00:00
2024-02-28 06:17:24 +00:00
matchers-condition : and
2023-11-23 15:24:42 +00:00
matchers :
- type : word
2024-02-28 06:17:24 +00:00
part : body
2023-11-23 15:24:42 +00:00
words :
2024-02-12 15:47:31 +00:00
- "HTTP Error 416"
- "The requested range is not satisfiable"
2024-02-28 06:17:24 +00:00
condition : and
- type : word
part : header
words :
- "Microsoft"
2024-03-25 11:57:16 +00:00
# digest: 4a0a00473045022100a635f022b45e7a586ad5e4a4564a246654390e2469d4729272954c932b441eab02204e4776dc6153c0fcae6eaca611da6998b1e8e23d7bef84872c029f267912cd1b:922c64590222798bb761d5b6d8e72950