IIS 6.0 WebDAV远程代码执行漏洞 (CVE-2017-7269)

Basic Fields

SSV ID:
SSV-92834
Find Time:
Unknown
Submit Time:
2017-03-28
Level:
Category:
缓冲区溢出
Component:
Microsoft IIS
(6.0)
Author:
Zhiniang Peng,Chen Wu
Submitter:
Knownsec
CVE-ID:
CVE-2017-7269
CNNVD-ID:
Add
CNVD-ID:
Add
ZoomEye Dork:
Add

Source

Detail

Contributor Got  0KB
Loading icon
have 0  exchange

PoC (pocsuite 插件) (pocsuite 插件)

Contributor Knownsec totally have   20KB
Login to exchange

None 飞扬 have 2 Exchange

Reference Linking

Solutions

Temp Solutions

Official Solution

Unavailable Official solution

Defense Solutions

Unavailable Defense Solutions

Popularity 10966
Need to bind phone before comment. Bind Now

All Comments (2)

  • omVDSwqS75i7McMB2rRsPqzo00i8
    我的虚拟机win2003,开启了WebDav,但是发poc过去总是500或者502,方便解答一下吗?
    2F
  • 2482446725
    本地测试成功,但shellcode怎么写?
    • anonymous
      这个学问就大了,不同操作系统 shellcode 也不一样. 建议看看 <<Shellcode 从入门到放弃>> 这本书
    • 95zz
      建议看看 <<Shellcode 从入门到自杀>> 这本书
    • NuLL
      别听他们的,直接看<<shellcode 直接放弃>>这本书就可以了
    • anonymous
      其实我觉得可以直接参考 《用shellcode来自杀》这本书
    • 诡道
      别听他们的,直接看<<shellcode 从入门到入土>>这本书就可以了
    1F

※Any content provided by this site, only to learn the code and services, not for illegal purposes