IIS 6.0 Vulnerability Leads to Code Execution

Microsoft Internet Information Services (IIS) 6.0 is vulnerable to a zero-day Buffer Overflow vulnerability ( CVE-2017-7269 ) due to an improper validation of an ‘IF’ header in a PROPFIND request. A remote attacker could exploit this vulnerability in the IIS WebDAV Component with a crafted request using PROPFIND method.

Source: IIS 6.0 Vulnerability Leads to Code Execution

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s