Test ID:	1.3.6.1.4.1.25623.1.0.140228
Category:	Web Servers
Title:	Microsoft Internet Information Services Buffer Overflow Vulnerability
Summary:	Microsoft Internet Information Services is prone to a buffer overflow; vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an; insufficiently sized memory buffer.
Description:	Summary: Microsoft Internet Information Services is prone to a buffer overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Vulnerability Impact: Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. Affected Software/OS: Microsoft Internet Information Services 6.0 running on Microsoft Windows Server 2003 R2 is vulnerable, other versions may also be affected. Solution: Microsoft has addressed this issue and provided an update. Head over to the references and download and install the necessary update for your system. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7269 BugTraq ID: 97127 http://www.securityfocus.com/bid/97127 https://www.exploit-db.com/exploits/41738/ https://www.exploit-db.com/exploits/41992/ https://0patch.blogspot.com/2017/03/0patching-immortal-cve-2017-7269.html https://github.com/danigargu/explodingcan https://github.com/edwardz246003/IIS_exploit https://github.com/rapid7/metasploit-framework/pull/8162 https://medium.com/@iraklis/number-of-internet-facing-vulnerable-iis-6-0-to-cve-2017-7269-8bd153ef5812 http://www.securitytracker.com/id/1038168
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.