https://github.com/edwardz246003/IIS_exploit
There has been a security bug found in Server 2003 linked to the IIS Web Server. This server is out of support with Microsoft so a fix will not be produced by them in the long run.
Recommendations will be to remove this server from any public IP you have especially on port 80 and upgrade to a newer version of windows ASAP!