Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2017-7269

Disclosure Date: March 27, 2017 •

CVE-2017-7269 CVSS v3 Base Score: 9.8

Exploited in the Wild

Reported by AttackerKB Worker and 1 more...
View Source Details

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Metasploit Module

Microsoft IIS WebDav ScStoragePathFromUrl Overflow

Description

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with “If: <http://” in a PROPFIND request, as exploited in the wild in July or August 2016.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

9.8 Critical

Impact Score:

5.9

Exploitability Score:

3.9

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

microsoft

Products

internet information server 6.0

Metasploit Modules

Microsoft IIS WebDav ScStoragePathFromUrl Overflow (https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/iis/iis_webdav_scstoragepathfromurl.rb)

Exploited in the Wild

Reported by:

AttackerKB Worker

Reported: September 25, 2020 8:38pm UTC (4 years ago)

gwillcox-r7 indicated source as Government or Industry Alert (https://www.cisa.gov/known-exploited-vulnerabilities-catalog)

Reported: November 03, 2021 3:59pm UTC (3 years ago)

References

Canonical

CVE-2017-7269 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7269)

BID-97127 (http://www.securityfocus.com/bid/97127)

Advisory

EXPLOIT-DB-41992 (https://www.exploit-db.com/exploits/41992)

SECTRACK-1038168 (http://www.securitytracker.com/id/1038168)

EXPLOIT-DB-41738 (https://www.exploit-db.com/exploits/41738)

https://support.microsoft.com/en-us/help/3197835/description-of-the-security-update-for-windows-xp-and-windows-server

Exploit

PoCs that have not been added by contributors directly have been sourced from: nomi-sec/PoC-in-GitHub.
A PoC added here by the AKB Worker must have at least 2 GitHub stars.

CVE-2017-7269 (https://github.com/OmarSuarezDoro/CVE-2017-7269) (Added by AKB Worker)

CVE-2017-7269 (https://github.com/geniuszlyy/CVE-2017-7269) (Added by AKB Worker)

Miscellaneous

https://medium.com/@iraklis/number-of-internet-facing-vulnerable-iis-6-0-to-cve-2017-7269-8bd153ef5812

https://github.com/rapid7/metasploit-framework/pull/8162

https://github.com/danigargu/explodingcan

https://0patch.blogspot.com/2017/03/0patching-immortal-cve-2017-7269.html

https://github.com/edwardz246003/IIS_exploit

Rapid7

Unknown

CVE-2017-7269

Unknown

Unknown

None

None

Network

CVE-2017-7269

Description