id: CVE-2017-7269 info: name: Windows Server 2003 & IIS 6.0 - Remote Code Execution author: thomas_from_offensity,geeknik severity: critical description: | Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in the ScStoragePathFromUrl function in the WebDAV service that could allow remote attackers to execute arbitrary code via a long header beginning with "If ", dasl) # lowercase header name: DASL - regex("[\d]+(,\s+[\d]+)?", dav) # lowercase header name: DAV - regex(".*?PROPFIND", public) # lowercase header name: Public - regex(".*?PROPFIND", allow) # lowercase header name: Allow condition: or - type: status status: - 200