Saturday, November 2, 2024
HomeCVE/vulnerabilityAround 8 million websites affected by a critical Buffer Overflow Vulnerability resides...

Around 8 million websites affected by a critical Buffer Overflow Vulnerability resides in IIS 6.0

Published on

Malware protection

Internet Information Services is an extensible web server made by Microsoft for use with the Windows NT family.IIS can help you achieve better performance, reliability, scalability, and security for your websites.

The IIS6.0 zero-day flaw was found by two scientists with the Information Security Lab and School of Computer Science and Engineering, South China University of Technology Guangzhou, China who distributed a POC code misuse on GitHub.

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with “If:

- Advertisement - SIEM as a Service

CVE-2017-7269 Buffer Overflow Vulnerability

A remote attacker could misuse this exploit in the IIS WebDAV Component with a crafted request utilizing PROPFIND technique. Successful exploitation could result in denial of service attack or arbitrary code execution with regards to the client running the application.

Successful exploitation could result in denial of service attack or arbitrary code execution with regards to the client running the application.As per analysis from Trend Micro.

According to researchers, the vulnerability was exploited in wild of June or July and it was disclosed publically by March 27.

Web Distributed Authoring and Versioning (WebDAV) is an extension of the HTTP protocol that permits customers to perform remote Web content authoring operations.

This vulnerability is exploited using the PROPFIND method and IF header. The PROPFIND method retrieves properties defined on the resource identified by the Request-URI. All the WebDAV-Compliant resources must support the PROPFIND method.

As per the report by W3Techs Microsoft-IIS is used by 11.4% of all websites and version 6 is roughly around 1.3%.

8 million websites affected by a critical Buffer Overflow Vulnerability resides in IIS 6.0

Mitigations

  • Windows server that shipped with newer versions of IIS are not affected by this vulnerability.
  • As Microsoft ends support for IIS 6.0 already on July 14, 2015, there is no patch for this vulnerability.
  • In order to Mitigate the risk disabling the WebDAV service on the vulnerable IIS 6.0 installation is recommended.

Also read:

Latest articles

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Google Chrome Security, Critical Vulnerabilities Patched

Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to...

SMB Force-Authentication Vulnerability Impacts All OPA Versions For Windows

Open Policy Agent (OPA) recently patched a critical vulnerability that could have exposed NTLM...

Vulnerabilities in Realtek SD Card Reader Driver Impacts Dell, Lenovo, & Others Laptops

Multiple vulnerabilities have been discovered in the Realtek SD card reader driver, RtsPer.sys, affecting...