id: CVE-2017-7269 info: name: Windows Server 2003 & IIS 6.0 - Remote Code Execution author: thomas_from_offensity,geeknik severity: critical description: | Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in the ScStoragePathFromUrl function in the WebDAV service that could allow remote attackers to execute arbitrary code via a long header beginning with "If ", dasl) - regex("[\d]+(,\s+[\d]+)?", dav) - regex(".*?PROPFIND", public) - regex(".*?PROPFIND", allow) condition: or - type: word part: header words: - "IIS/6.0" - type: status status: - 200 # digest: 490a004630440220495b1fa854301eccccabfffc0d5758e79ca9d470d6c9daeed43c960791f9e12d022068e5219d420072a580169f3a2124207ad3774a71cbd02d18543af151bc886452:922c64590222798bb761d5b6d8e72950