Vulnerability Distribution Released By NSFOCUS Threat Intelligence (NTI)

Microsoft Windows Server 2003 R2 IIS 6.0 Remote Code Execution Technical Analysis and Solution

2017-04-02刘鹏EnglishVersion, Microsoft Windows Server 2003 R2 IIS 6.0, Remote Code Execution, Technical Analysis and Solution, Unaffected Versions, Vulnerability Analysis, Vulnerability Distribution Released by NSFOCUS Threat Intelligence (NTI)

On March 37, Zhiniang Peng and Chen Wu disclosed the Internet Information Services (IIS) 6.0 WebDAV remote code execution vulnerability, which has been assigned CVE-2017-7269 and CNNVD-201703-1151. This vulnerability, which could cause buffer overflows, is associated with the ScStoragePathFromUrl function in the WebDAV service in IIS 6.0 in Microsoft Windows Server 2003 R2.