The web server which has been developed by Microsoft seems to hold a vulnerability which allows cybercriminals and unauthorized users to perform a remote code execution attack on the vulnerable IIS server.
The research from ma.ttias.be states that the remote execution vulnerability exists in the HTTP protocol stack. He explains that the vulnerability is triggered when the HTTP.sys improperly parses specially crafted HTTP requests.
The research also explains that exploits have been crafted and that they are in the wild. The command below would provide information to cybercriminals and unauthorized users about the fact if a IIS server is vulnerable to the attack or not.
curl -v 10.0.1.1/ -H “Host: irrelevant” -H “Range: bytes=0-18446744073709551615”