Nmap Development mailing list archives
[NSE] Script to detect remote code execution in Microsoft Windows systems (MS15-034)
From: Paulino Calderon Pale <paulino () calderonpale com>
Date: Wed, 15 Apr 2015 15:00:16 -0500
Hi list, I came across this (http://pastebin.com/HeBDTenr <http://pastebin.com/HeBDTenr>) =) -- PORT STATE SERVICE REASON -- 80/tcp open http syn-ack -- | http-vuln-cve2015-1635: -- | VULNERABLE: -- | Remote Code Execution in HTTP.sys (MS15-034) -- | State: VULNERABLE (Exploitable) -- | IDs: CVE:CVE-2015-1635 -- | A remote code execution vulnerability exists in the HTTP protocol stack (HTTP.sys) that is -- | caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker who -- | successfully exploited this vulnerability could execute arbitrary code in the context of the System account. -- | -- | Disclosure date: 2015-04-14 -- | References: -- | https://technet.microsoft.com/en-us/library/security/ms15-034.aspx -- |_ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1635 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1635> Script: https://github.com/cldrn/nmap/blob/master/scripts/http-vuln-cve2015-1635.nse <https://github.com/cldrn/nmap/blob/master/scripts/http-vuln-cve2015-1635.nse>
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Script to detect remote code execution in Microsoft Windows systems (MS15-034) Paulino Calderon Pale (Apr 15)
- Re: [NSE] Script to detect remote code execution in Microsoft Windows systems (MS15-034) Paulino Calderon Pale (May 04)
- Re: [NSE] Script to detect remote code execution in Microsoft Windows systems (MS15-034) Paulino Calderon Pale (May 21)
- Re: [NSE] Script to detect remote code execution in Microsoft Windows systems (MS15-034) Paulino Calderon Pale (May 04)