id: CVE-2017-7269 info: name: Windows Server 2003 & IIS 6.0 - Remote Code Execution author: thomas_from_offensity,geeknik severity: critical description: | Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in the ScStoragePathFromUrl function in the WebDAV service that could allow remote attackers to execute arbitrary code via a long header beginning with "If ", dasl) - regex("[\d]+(,\s+[\d]+)?", dav) - regex(".*?PROPFIND", public) - regex(".*?PROPFIND", allow) condition: or - type: word part: header words: - "IIS/6.0" - type: status status: - 200 # digest: 4a0a00473045022100b8221e2224b3b0da0d06715eb9394d908a3aa349a88f3e585673072c3fa6cb1c022013e58712ace1a770794b465e253c8484eccf696acc2ab3db75f88c30ce744dd5:922c64590222798bb761d5b6d8e72950