Wednesday, June 19, 2024

Around 8 million websites affected by a critical Buffer Overflow Vulnerability resides in IIS 6.0

Internet Information Services is an extensible web server made by Microsoft for use with the Windows NT family.IIS can help you achieve better performance, reliability, scalability, and security for your websites.

The IIS6.0 zero-day flaw was found by two scientists with the Information Security Lab and School of Computer Science and Engineering, South China University of Technology Guangzhou, China who distributed a POC code misuse on GitHub.

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with “If:

CVE-2017-7269 Buffer Overflow Vulnerability

A remote attacker could misuse this exploit in the IIS WebDAV Component with a crafted request utilizing PROPFIND technique. Successful exploitation could result in denial of service attack or arbitrary code execution with regards to the client running the application.

Successful exploitation could result in denial of service attack or arbitrary code execution with regards to the client running the application.As per analysis from Trend Micro.

According to researchers, the vulnerability was exploited in wild of June or July and it was disclosed publically by March 27.

Web Distributed Authoring and Versioning (WebDAV) is an extension of the HTTP protocol that permits customers to perform remote Web content authoring operations.

This vulnerability is exploited using the PROPFIND method and IF header. The PROPFIND method retrieves properties defined on the resource identified by the Request-URI. All the WebDAV-Compliant resources must support the PROPFIND method.

As per the report by W3Techs Microsoft-IIS is used by 11.4% of all websites and version 6 is roughly around 1.3%.

8 million websites affected by a critical Buffer Overflow Vulnerability resides in IIS 6.0

Mitigations

  • Windows server that shipped with newer versions of IIS are not affected by this vulnerability.
  • As Microsoft ends support for IIS 6.0 already on July 14, 2015, there is no patch for this vulnerability.
  • In order to Mitigate the risk disabling the WebDAV service on the vulnerable IIS 6.0 installation is recommended.

Also read:

Website

Latest articles

Singapore Police Arrested Two Individuals Involved in Hacking Android Devices

The Singapore Police Force (SPF) has arrested two men, aged 26 and 47, for...

CISA Conducts First-Ever Tabletop Exercise Focused on AI Cyber Incident Response

On June 13, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) made history by...

Europol Taken Down 13 Websites Linked to Terrorist Operations

Europol and law enforcement agencies from ten countries have taken down 13 websites linked...

New ARM ‘TIKTAG’ Attack Impacts Google Chrome, Linux Systems

Memory corruption lets attackers hijack control flow, execute code, elevate privileges, and leak data.ARM's...

Operation Celestial Force Employing Android And Windows Malware To Attack Indian Users

A Pakistani threat actor group, Cosmic Leopard, has been conducting a multi-year cyber espionage...

Hunt3r Kill3rs Group claims they Infiltrated Schneider Electric Systems in Germany

The notorious cybercriminal group Hunt3r Kill3rs has claimed responsibility for infiltrating Schneider Electric's systems...

Hackers Employing New Techniques To Attack Docker API

Attackers behind Spinning YARN launched a new cryptojacking campaign targeting publicly exposed Docker Engine...

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles