Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with “If: <http://” in a PROPFIND request, as exploited in the wild in July or August 2016.

CPENameOperatorVersion
internet_information_servereq6.0

CPE	Name	Operator	Version
	internet_information_server	eq	6.0

References

www.securityfocus.com/bid/97127

www.securitytracker.com/id/1038168

0patch.blogspot.com/2017/03/0patching-immortal-cve-2017-7269.html

github.com/danigargu/explodingcan

github.com/edwardz246003/IIS_exploit

github.com/rapid7/metasploit-framework/pull/8162

medium.com/@iraklis/number-of-internet-facing-vulnerable-iis-6-0-to-cve-2017-7269-8bd153ef5812

support.microsoft.com/en-us/help/3197835/description-of-the-security-update-for-windows-xp-and-windows-server

www.exploit-db.com/exploits/41738/

www.exploit-db.com/exploits/41992/

myhack58 7

packetstorm 3

canvas 1

cisa_kev 1

securelist 2

cvelist 1

nvd 1

metasploit 1

nessus 3

kaspersky 1

checkpoint_advisories 1

openvas 2

attackerkb 1

zdt 2

nuclei 1

thn 1

cisa 1

cve 1

seebug 1

exploitdb 1

ics 1

threatpost 2

qualysblog 3

rapid7community 1

kitploit 1

trendmicroblog 1

myhack58

CVE-2017-7269 a few tips and BUG fixes-vulnerability warning-the black bar safety net

2017-04-07 00:00:00

IIS 6.0 exposure remote code execution vulnerability CVE-2017-7269-vulnerability warning-the black bar safety net

2017-03-29 00:00:00

CVE-2017-7269 IIS6. 0 remote code execution vulnerability analysis and Exploit-vulnerability warning-the black bar safety net

2017-04-01 00:00:00

packetstorm

MS IIS 6.0 Buffer Overflow NSE Script

2017-04-08 00:00:00

Microsoft IIS WebDav ScStoragePathFromUrl Overflow

2017-05-11 00:00:00

Microsoft IIS 6.0 WebDAV ScStoragePathFromUrl Buffer Overflow

2017-03-27 00:00:00

canvas

Immunity Canvas: IIS6_PROPFIND

2017-03-27 02:59:00

cisa_kev

Microsoft Windows Server Buffer Overflow Vulnerability

2021-11-03 00:00:00

securelist

Operation TunnelSnake

2021-05-06 10:00:45

IT threat evolution Q3 2017. Statistics

2017-11-10 10:45:04

cvelist

CVE-2017-7269

2017-03-27 01:55:00

nvd

CVE-2017-7269

2017-03-27 02:59:00

metasploit

Microsoft IIS WebDav ScStoragePathFromUrl Overflow

2017-03-28 14:53:18

nessus

Microsoft Windows Server 2003 R2 IIS 6.0 WebDAV PROPFIND Request Handling RCE (EXPLODINGCAN)

2017-04-11 00:00:00

Microsoft Windows Server 2003 IIS 6.0 WebDAV PROPFIND Request Handling RCE (EXPLODINGCAN)

2017-04-20 00:00:00

Microsoft Security Advisory 4025685: Guidance for older platforms (XP / 2003) (EXPLODINGCAN)

2017-06-14 00:00:00

kaspersky

KLA10999 Arbitrary code execution vulnerability in Microsoft IIS

2017-03-22 00:00:00

checkpoint_advisories

Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269)

2017-03-29 00:00:00

openvas

Microsoft Internet Information Services Buffer Overflow Vulnerability

2017-03-30 00:00:00

Microsoft Windows 'WebDAV' Remote Code Execution Vulnerability (KB3197835)

2017-06-16 00:00:00

attackerkb

CVE-2017-7269

2017-03-27 00:00:00

zdt

Microsoft IIS WebDav ScStoragePathFromUrl Overflow Exploit

2017-05-11 00:00:00

Internet Information Services (IIS) 6.0 WebDAV - ScStoragePathFromUrl Buffer Overflow Exploit

2017-03-27 00:00:00

nuclei

Windows Server 2003 & IIS 6.0 - Remote Code Execution

2021-02-24 13:29:23

thn

Hackers Exploiting Microsoft Servers to Mine Monero - Makes $63,000 In 3 Months

2017-09-28 05:33:00

cisa

Internet Information Services (IIS) 6.0 Vulnerability

2017-03-30 00:00:00

cve

CVE-2017-7269

2017-03-27 02:59:00

seebug

IIS 6.0 WebDAV remote code execution vulnerability (CVE-2017-7269)

2017-03-28 00:00:00

exploitdb

Microsoft IIS - WebDav 'ScStoragePathFromUrl' Remote Overflow (Metasploit)

2017-05-11 00:00:00

ics

Siemens Molecular Imaging Vulnerabilities

2017-08-03 12:00:00

threatpost

Publicly Attacked Microsoft IIS Zero Day Unlikely to be Patched

2017-03-29 15:15:50

Rare XP Patches Fix Three Remaining Leaked NSA Exploits

2017-06-14 08:50:23

qualysblog

The Shadow Brokers Release Zero Day Exploit Tools

2017-04-15 07:11:21

Microsoft Fixes 94 Security Issues in Massive June Update

2017-06-13 18:28:02

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR

2022-02-23 05:39:00

rapid7community

Metasploit Wrapup

2017-05-26 19:06:43

kitploit

Sn1per v7.0 - Automated Pentest Framework For Offensive Security Experts

2019-05-12 13:09:00

trendmicroblog

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 17, 2017

2017-04-21 18:23:45

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.6 High

AI Score

Confidence

High

0.971 High

EPSS

Percentile

99.8%

JSON

Related for PRION:CVE-2017-7269