Categories: CVE/vulnerability

Around 8 million websites affected by a critical Buffer Overflow Vulnerability resides in IIS 6.0

Internet Information Services is an extensible web server made by Microsoft for use with the Windows NT family.IIS can help you achieve better performance, reliability, scalability, and security for your websites.

The IIS6.0 zero-day flaw was found by two scientists with the Information Security Lab and School of Computer Science and Engineering, South China University of Technology Guangzhou, China who distributed a POC code misuse on GitHub.

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with “If:

CVE-2017-7269 Buffer Overflow Vulnerability

A remote attacker could misuse this exploit in the IIS WebDAV Component with a crafted request utilizing PROPFIND technique. Successful exploitation could result in denial of service attack or arbitrary code execution with regards to the client running the application.

Successful exploitation could result in denial of service attack or arbitrary code execution with regards to the client running the application.As per analysis from Trend Micro.

According to researchers, the vulnerability was exploited in wild of June or July and it was disclosed publically by March 27.

Web Distributed Authoring and Versioning (WebDAV) is an extension of the HTTP protocol that permits customers to perform remote Web content authoring operations.

This vulnerability is exploited using the PROPFIND method and IF header. The PROPFIND method retrieves properties defined on the resource identified by the Request-URI. All the WebDAV-Compliant resources must support the PROPFIND method.

As per the report by W3Techs Microsoft-IIS is used by 11.4% of all websites and version 6 is roughly around 1.3%.

Mitigations

  • Windows server that shipped with newer versions of IIS are not affected by this vulnerability.
  • As Microsoft ends support for IIS 6.0 already on July 14, 2015, there is no patch for this vulnerability.
  • In order to Mitigate the risk disabling the WebDAV service on the vulnerable IIS 6.0 installation is recommended.

Also read:

Priya James

Recent Posts

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…

1 day ago

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…

3 days ago

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…

3 days ago

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…

3 days ago

Google Chrome Security, Critical Vulnerabilities Patched

Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…

4 days ago

Notorious WrnRAT Delivered Mimic As Gambling Games

WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…

4 days ago