CVE-2017-0104
published 2017-03-17CVE-2017-0104: The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue…
PriorityP350high8.1CVSS 3.0
AVNACHPRNUINSUCHIHAH
EPSS
13.82%
96.1th percentile
The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer overflow, aka "iSNS Server Memory Corruption Vulnerability."
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
| microsoft_corporation | isns_server | — | — |
| msrc | windows_server_2008_for_32-bit_systems_service_pack_2 | — | — |
| msrc | windows_server_2008_for_x64-based_systems_service_pack_2 | — | — |
| msrc | windows_server_2008_r2_for_itanium-based_systems_service_pack_1 | — | — |
| msrc | windows_server_2008_r2_for_x64-based_systems_service_pack_1 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvdv3.08.1HIGHCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc8.1HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
iSNS Server Memory Corruption Vulnerability
vendor_msrc·2017-03-14·CVSS 8.1
CVE-2017-0104 [HIGH] iSNS Server Memory Corruption Vulnerability
iSNS Server Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in Windows when the iSNS Server service fails to properly validate input from the client, leading to an integer overflow. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SYSTEM account.
An attacker could exploit the vulnerability by creating a specially crafted application to connect to the iSNS Server and then issue malicious requests to it.
The update addresses the vulnerability by modifying how the iSNS Server service parses requests.
Microsoft Windows: Microsoft Windows
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:E
GHSA
GHSA-3fh7-pmqp-67hr: The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers
ghsa_unreviewed·2022-05-14
CVE-2017-0104 [HIGH] CWE-190 GHSA-3fh7-pmqp-67hr: The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers
The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer overflow, aka "iSNS Server Memory Corruption Vulnerability."
No detection rules found.
No public exploits indexed.
http://www.securityfocus.com/bid/96697http://www.securitytracker.com/id/1038001https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0104http://www.securityfocus.com/bid/96697http://www.securitytracker.com/id/1038001https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0104
2017-03-17
Published