CVE-2015-1635

Related Files

MS15-034 HTTP Protocol Stack Request Handling HTTP.SYS Memory Information Disclosure

Posted Sep 1, 2024

Authored by sinn3r, Rich Whitcroft, Sunny Neo | Site metasploit.com

This Metasploit module dumps memory contents using a crafted Range header and affects only Windows 8.1, Server 2012, and Server 2012R2. Note that if the target is running in VMware Workstation, this module has a high likelihood of resulting in BSOD; however, VMware ESX and non-virtualized hosts seem stable. Using a larger target file should result in more memory being dumped, and SSL seems to produce more data as well.

tags | exploit

systems | windows

advisories | CVE-2015-1635

SHA-256 | 4a0a7232721b04275d17b16891f2475537a84cfaad2597bb4398fc1c09c5c025

Download | Favorite | View

MS15-034 HTTP Protocol Stack Request Handling Denial-of-Service

Posted Aug 31, 2024

Authored by sinn3r, Bill Finlayson | Site metasploit.com

This Metasploit module will check if scanned hosts are vulnerable to CVE-2015-1635 (MS15-034), a vulnerability in the HTTP protocol stack (HTTP.sys) that could result in arbitrary code execution. This Metasploit module will try to cause a denial-of-service.

tags | exploit, web, arbitrary, code execution, protocol

advisories | CVE-2015-1635

SHA-256 | 8bcf9fd5485ad5f86ee237d3ee7278b63a19b971dc236871e0b76c78aefef70e

Download | Favorite | View

Microsoft Windows HTTP.sys Proof Of Concept

Posted Apr 16, 2015

Authored by rhcp011235

Microsoft Windows HTTP.sys proof of concept exploit for MS15-034.

tags | exploit, web, proof of concept

systems | windows

advisories | CVE-2015-1635

SHA-256 | b962eb94796643c1f7df4412502d1acc226c3e768498d683a56c3660db367cc2

Download | Favorite | View