IIS 6.0 Vulnerability Leads to Code Execution

Microsoft Internet Information Services (IIS) 6.0 is vulnerable to a zero-day Buffer Overflow vulnerability ( CVE-2017-7269 ) due to an improper validation of an ‘IF’ header in a PROPFIND request. A remote attacker could exploit this vulnerability in the IIS WebDAV Component with a crafted request using PROPFIND method.

Source: IIS 6.0 Vulnerability Leads to Code Execution

Rate this:

Posted

March 29, 2017

Uncategorized

Nathan Cocker

Tags:

Comments

Leave a Reply Cancel reply

Enter your comment here…

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

%d bloggers like this:

IIS 6.0 Vulnerability Leads to Code Execution

Rate this:

Share this:

Like this:

Comments

Leave a Reply Cancel reply