二千人交流群 131634501 加进来一起玩耍
Apr 05 2017
[Description] Buffer overflow in the ScStoragePathFromUrl fution in the service in Internet Information (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
[Additional Information] the ScStoragePathFromUrl function is called twice
[Vulnerability Type] Buffer overflow
[Vendor of Product] Microsoft
[Affected ProductBase] Windows Server 2003 R2
[Affected Component] ScStoragePathFromUrl
[Attack Type] Remote
[Attack Vectors] crafted PROPFIND data
[Has vendor confirmed or acknowledged the vulnerability?] true
[Discoverer] Zhiniang Peng and Chen Wu.
Information Security Lab & School of Computer Sciee & Engineering, South China University of Technology Guangzhou, China