Update CVE-2017-7269.yaml
parent
c0f5cf03ab
commit
f6dc6a1376
|
@ -1,11 +1,14 @@
|
|||
id: CVE-2017-7269
|
||||
|
||||
info:
|
||||
name: CVE-2017-7269
|
||||
author: thomas_from_offensity
|
||||
name: Windows Server 2003 & IIS 6.0 RCE
|
||||
author: thomas_from_offensity & @geeknik
|
||||
severity: critical
|
||||
description: RCE - Buffer overflow in ScStoragePathFromUrl function (WebDAV service - IIS 6.0) - Windows Server 2003 R2
|
||||
reference: https://github.com/danigargu/explodingcan/blob/master/explodingcan.py
|
||||
description: Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request.
|
||||
reference: |
|
||||
- https://blog.0patch.com/2017/03/0patching-immortal-cve-2017-7269.html
|
||||
- https://github.com/danigargu/explodingcan/blob/master/explodingcan.py
|
||||
tags: cve,cve2017,rce
|
||||
|
||||
requests:
|
||||
- method: OPTIONS
|
||||
|
@ -27,4 +30,4 @@ requests:
|
|||
- regex(".*?PROPFIND", public) # lowercase header name: Public
|
||||
- regex(".*?PROPFIND", allow) # lowercase header name: Allow
|
||||
condition: or
|
||||
part: header
|
||||
part: header
|
||||
|
|
Loading…
Reference in New Issue