what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Chen Wu

Microsoft IIS WebDav ScStoragePathFromUrl Overflow

Posted May 11, 2017

Authored by Dominic Chell, FireFart, Zhiniang Peng, Chen Wu, zcgonvh, Rich Whitcroft | Site metasploit.com

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. Original exploit by Zhiniang Peng and Chen Wu.

tags | exploit, remote, web, overflow, arbitrary

systems | windows

advisories | CVE-2017-7269

SHA-256 | dd14beacc3e87b7064dc160534d469a79690ec06c3cb5fdddd8acbce04733db8

Download | Favorite | View

Microsoft IIS 6.0 WebDAV ScStoragePathFromUrl Buffer Overflow

Posted Mar 27, 2017

Authored by Zhiniang Peng, Chen Wu

Microsoft IIS version 6.0 suffers from a WebDAV ScStoragePathFromUrl buffer overflow vulnerability.

tags | exploit, overflow

advisories | CVE-2017-7269

SHA-256 | 6863dfccb5afdbb2b68e4e352d69d7475a42a362ead4a48025220cdbd740e6d3

Download | Favorite | View