1 漏洞信息
漏洞名称 | Windows HTTP拒绝服务漏洞复现 |
---|---|
漏洞编号 | CVE-2022-21907 |
危害等级 | 高危 |
CVSS评分 | 9.8 |
漏洞类型 | 系统漏洞 |
漏洞厂商 | 微软 |
漏洞组件 | IIS |
受影响版本 | - Windows - 10 Version 1809 for 32-bit Systems - 10 Version 1809 for x64-based Systems - 10 Version 1809 for ARM64-based Systems - 10 Version 21H1 for 32-bit Systems - 10 Version 21H1 for x64-based System - 10 Version 21H1 for ARM64-based Systems - 10 Version 20H2 for 32-bit Systems - 10 Version 20H2 for x64-based Systems - 10 Version 20H2 for ARM64-based Systems - 10 Version 21H2 for 32-bit Systems - 10 Version 21H2 for x64-based Systems - 10 Version 21H2 for ARM64-based Systems - 11 for x64-based Systems - 11 for ARM64-based Systems - Windows Server - 2019 - 2019 (Core installation) - 2022 - 2022 (Server Core installation) - version 20H2 (Server Core Installation) |
漏洞概述 | HTTP协议堆栈中存在远程代码执行漏洞,由于HTTP协议栈(HTTP.sys)中的HTTP Trailer Support功能存在边界错误可导致缓冲区溢出。 |
2 环境搭建
2.1 环境概述
- Windows 10操作系统
2.2 搭建过程
Windows 10 调出控制面板->程序->启用或关闭Windows功能,勾选所有的Internet Information Services选项。
访问靶机的ip地址,发现成功搭建了IIS服务。
3 漏洞复现
1.攻击机运行POC
2.过一段时间后,发现Windows蓝屏
3.返回攻击机查看,发现最底下多了年两行,经过判断,该两行输出是提示漏洞攻击成功。
4 修复建议
1、更新Windows系统