A critical Windows vulnerability in its HTTP stack ("HTTP.sys"), which was resolved in a recent Microsoft's Patch Tuesday release, could allow remote attackers to execute code on an IIS server with the privileges of the System account. A Proof-of-Concept code to check the existence of this vulnerability was soon to follow. Remote attackers could exploit the way "HTTP.sys" parses requests with a Range header including a very large byte range to crash the server or potentially run their shellcode.
http://www.exploit-db.com/exploits/36773/
POC Information
Bug details according to the POC
More details on the available patch could be found in Microsoft’s security builletin MS15-034:
https://technet.microsoft.com/library/security/MS15-034
Following user-defined signature will detect and mitigate attempts to exploit this vulnerability while using ASM.
ASM versions including and above 11.2.x:
ASM versions below 11.2.x:
'취약점 정보1' 카테고리의 다른 글
| Cisco Desktop Cache Cleaner Remote Execution Vulnerability (0) | 2015.04.17 |
|---|---|
| Oracle Critical Patch Update (0) | 2015.04.17 |
| A Tale of Two Exploits (0) | 2015.04.15 |
| Analysis of Adobe Flash Player shared ByteArray Use-After-Free Vulnerability (0) | 2015.04.15 |
| How to bypass Google’s Santa LOCKDOWN mode (0) | 2015.04.15 |