Remote Code Execution Via HTTP Request In IIS On Windows

Mattias website ^ | Wednesday, April 15, 2015 | Mattias Geniar

[Utilizer]

A remote code execution vulnerability exists in the HTTP protocol stack (HTTP.sys) that is caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of the System account.

To exploit this vulnerability, an attacker would have to send a specially crafted HTTP request to the affected system. The update addresses the vulnerability by modifying how the Windows HTTP stack handles requests.

[Utilizer]

Much more details including code snippets at website.

[ClearCase_guy]

“one of the fly rods has gone out of skew on the treadle”

[Scrambler Bob]

And John has a long mustache.

[Utilizer]

Shoot the moon!

[some tech guy]

People still use IIS to serve sites?

[Ray76]

Hey here’s some data, let’s execute it!

[Utilizer]

Apparently so, it would seem.

[familyop]

https://en.wikipedia.org/wiki/Internet_Information_Services
Internet Information Services
Wikipedia
“IIS 8.5 is included in Windows Server 2012 R2 and Windows 8.1.”

[patro]

[PastorBooks]

IMPORTANT: This vulnerability is in all Windows 7 and Windows 8 systems, not just IIS servers.

“This security update is rated Critical for all supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.”

Microsoft Security Bulletin MS15-034 - Critical

https://technet.microsoft.com/library/security/ms15-034

It is for home computers, too. Not just servers.

[PastorBooks]

More information:

Remote Kernel Code Execution Via HTTP Request In IIS On Windows | Hacker News
https://news.ycombinator.com/item?id=9380468

Remote Code Execution Via HTTP Request In IIS On Windows
https://ma.ttias.be/remote-code-execution-via-http-request-in-iis-on-windows

MS15-034 Test
https://lab.xpaw.me/MS15-034/?host=bing.com

[dayglored]

Windows Server IIS vulnerability ... PING!

You can find all the Windows Ping list threads with FR search: search on keyword "windowspinglist".

Of interest to the System Admins on the ping list, but ALSO to anyone running web services on Win 7 or Win 8...

[Billthedrill]

Oh, well, it’s all part of the monthly patch cycle. Remote code execution with SYSTEM account privileges is not something you’d want to let hang around. Should have about 250 servers patched by Friday night. It’s what I do.

[miliantnutcase]

Lots of app servers still use it.

[bicyclerepair]

I love linux mint, best OS ever

[Utilizer]

I think you posted on the wrong thread, mate.

That, or you need to put down the container of Golden Nectar you have been partaking of a bit more than you should have tonight. :)

[Ingtar]

Recent:

Apple Safari contains a vulnerability that could allow an unauthenticated, remote attacker to conduct remote code execution on the affected system. Updates are available.

A Critical remotely exploitable vulnerability has been discovered in the widely used Linux and Unix command-line shell, known as Bash, aka the GNU Bourne Again Shell, leaving countless websites, servers, PCs, OS X Macs, various home routers, and many more open to the cyber criminals.

Microsoft just seems to get more love. :)

[SoConPubbie]

Microsoft just seems to get more love. :)

Especially by the unwashed Leftie masses.

I've never really figured that out, except that they think Steve Jobs is cool for some reason.

[Utilizer]

I think it’s that Rainbow Flag Apple icon, actually. *grin*

[Windflier]

Windows Server IIS vulnerability

My Win7 computer ate 16 updates from MS today. Took forever, too! Is it possible this patch was included?