daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2017-7269.yaml

patch-1
Geeknik Labs 2021-05-09 15:16:07 +00:00 committed by GitHub
parent c0f5cf03ab
commit f6dc6a1376
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
cves/2017/CVE-2017-7269.yaml
View File

@ -1,11 +1,14 @@
id: CVE-2017-7269
info:
name: CVE-2017-7269
author: thomas_from_offensity
name: Windows Server 2003 & IIS 6.0 RCE
author: thomas_from_offensity & @geeknik
severity: critical
description: RCE - Buffer overflow in ScStoragePathFromUrl function (WebDAV service - IIS 6.0) - Windows Server 2003 R2
reference: https://github.com/danigargu/explodingcan/blob/master/explodingcan.py
description: Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request.
reference: |
- https://blog.0patch.com/2017/03/0patching-immortal-cve-2017-7269.html
- https://github.com/danigargu/explodingcan/blob/master/explodingcan.py
tags: cve,cve2017,rce
requests:
- method: OPTIONS
@ -27,4 +30,4 @@ requests:
- regex(".*?PROPFIND", public) # lowercase header name: Public
- regex(".*?PROPFIND", allow) # lowercase header name: Allow
condition: or
part: header
part: header