Nessus Output
Description
The version of Windows running on the remote host is affected by a vulnerability in the HTTP protocol stack (HTTP.sys) due to improperly parsing crafted HTTP requests. A remote attacker can exploit this to execute arbitrary code with System privileges.
Solution
Microsoft has released a set of patches for Windows 7, 2008 R2, 8, 8.1, 2012, and 2012 R2.
See Also
https://technet.microsoft.com/en-us/library/security/MS15-034
Nmap NSE Script
This vulnerability can also be found with the nmap NSE script http-vuln-cve2015-1635:

    nmap $target1 -p 80 --script http-vuln-cve2015-1635

    PORT   STATE SERVICE
    80/tcp open  http
    | http-vuln-cve2015-1635:
    |   VULNERABLE:
    |   Remote Code Execution in HTTP.sys (MS15-034)
    |     State: VULNERABLE
    |     IDs:  CVE:CVE-2015-1635
    |       A remote code execution vulnerability exists in the HTTP protocol stack (HTTP.sys) that is
    |       caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker who
    |       successfully exploited this vulnerability could execute arbitrary code in the context of the System account.
    |
    |     Disclosure date: 2015-04-14
    |     References:
    |       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1635
    |_      https://technet.microsoft.com/en-us/library/security/ms15-034.aspx
Metasploit
auxiliary/dos/http/ms15_034_ulonglongadd
MS15-034 HTTP Protocol Stack Request Handling Denial-of-Service

Description:
This module dumps memory contents using a crafted Range header and affects only Windows 8.1, Server 2012, and Server 2012R2. Note that if the target is running in VMware Workstation, this module has a high likelihood of resulting in BSOD; however, VMware ESX and non-virtualized hosts seem stable. Using a larger target file should result in more memory being dumped, and SSL seems to produce more data as well.

References:
http://cvedetails.com/cve/2015-1635/
http://technet.microsoft.com/en-us/security/bulletin/MS15-034
http://pastebin.com/ypURDPc4
https://github.com/rapid7/metasploit-framework/pull/5150
https://community.qualys.com/blogs/securitylabs/2015/04/20/ms15-034-analyze-and-remote-detection
http://www.securitysift.com/an-analysis-of-ms15-034/
http://securitysift.com/an-analysis-of-ms15-034/

auxiliary/scanner/http/ms15_034_http_sys_memory_dump
MS15-034 HTTP Protocol Stack Request Handling HTTP.SYS Memory Information Disclosure