Vulners
Lucene search
Windows Server 2003 & IIS 6.0 - Remote Code Execution
| Reporter | Title | Published | Views | Family All 78 |
|---|---|---|---|---|
 | Exploit for Classic Buffer Overflow in Microsoft | 28 Apr 201804:11 | – | githubexploit |
| Exploit for Classic Buffer Overflow in Microsoft | 29 Mar 201711:20 | – | githubexploit |
| Exploit for Classic Buffer Overflow in Microsoft | 29 Mar 201705:59 | – | githubexploit |
| Exploit for Classic Buffer Overflow in Microsoft | 16 Jul 202107:02 | – | githubexploit |
| Exploit for Classic Buffer Overflow in Microsoft | 16 Jul 202107:02 | – | githubexploit |
| Exploit for Classic Buffer Overflow in Microsoft | 30 Mar 201722:20 | – | githubexploit |
| Exploit for Classic Buffer Overflow in Microsoft | 6 Apr 201713:27 | – | githubexploit |
| Exploit for Classic Buffer Overflow in Microsoft | 16 Jul 202107:02 | – | githubexploit |
| Exploit for Classic Buffer Overflow in Microsoft | 6 Oct 202417:33 | – | githubexploit |
| Exploit for Classic Buffer Overflow in Microsoft | 3 Jan 201802:08 | – | githubexploit |
10
id: CVE-2017-7269
info:
name: Windows Server 2003 & IIS 6.0 - Remote Code Execution
author: thomas_from_offensity,geeknik
severity: critical
description: |
Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in the ScStoragePathFromUrl function in the WebDAV service that could allow remote attackers to execute arbitrary code via a long header beginning with "If <http://" in a PROPFIND request.
impact: |
Allows remote attackers to execute arbitrary code on the affected system.
remediation: |
Upgrade to a supported version of Windows Server and IIS, or apply the necessary security patches.
reference:
- https://blog.0patch.com/2017/03/0patching-immortal-cve-2017-7269.html
- https://github.com/danigargu/explodingcan/blob/master/explodingcan.py
- https://nvd.nist.gov/vuln/detail/CVE-2017-7269
- https://github.com/edwardz246003/IIS_exploit
- http://www.securitytracker.com/id/1038168
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2017-7269
cwe-id: CWE-119
epss-score: 0.99823
epss-percentile: 0.99958
cpe: cpe:2.3:a:microsoft:internet_information_server:6.0:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: microsoft
product: internet_information_server
shodan-query: cpe:"cpe:2.3:a:microsoft:internet_information_server"
tags: cve2017,cve,rce,windows,iis,kev,microsoft,vkev,vuln
http:
- method: OPTIONS
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: dsl
dsl:
- regex("<DAV:sql>", dasl)
- regex("[\d]+(,\s+[\d]+)?", dav)
- regex(".*?PROPFIND", public)
- regex(".*?PROPFIND", allow)
condition: or
- type: word
part: header
words:
- "IIS/6.0"
- type: status
status:
- 200
# digest: 4a0a00473045022100caf9a27f37d7ad17f1f966ab86e6afcf08fc03761d2e5a58ff0147406771b18402203b1fdcf2b9fabd1cc71d1f9d1f7f51619f866fe4823e38c0886b7baa9c67061e:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
9.5High risk
Vulners AI Score9.5
CVSS 3.19.8
CVSS 210
EPSS0.99823
SSVC