Zero-day on Windows Server 2003 could affect up to 600,000 servers by Rene Millman.
From the post:
A vulnerability has been discovered in Windows Server 2003 running IIS6 by two security researchers at the South China University of Technology, but Microsoft said it won’t issue a patch even though up to 600,000 servers could be running the unsupported software.
The researchers posted a proof-of-concept exploit for the zero-day to Github. The flaw is a zero-day buffer overflow vulnerability (CVE-2017-7269) which has been traced to an improper validation of an ‘IF’ header in a PROPFIND request.
The researchers said it’s not a theoretical risk as the flaw was exploited in the wild in July or August 2016. It was disclosed to the public this week.
“A remote attacker could exploit this vulnerability in the IIS WebDAV Component with a crafted request using PROPFIND method. Successful exploitation could result in denial of service condition or arbitrary code execution in the context of the user running the application,” said Virendra Bisht, a vulnerability researcher at Trend Micro.
He added that other threat actors are now in the stages of creating malicious code based on the original proof-of-concept (PoC).
…
No patch from Microsoft so this vulnerability will be around for quite some time. Long enough to test your skills at working from a PoC or a CVE (CVE-2017-7269) to develop working code.
Test against your local Windows Server 2003 installation on a VM.
If you are serious about security research, start collecting OS editions and their patches. Refresh your storage media on a regular schedule.