See here (https://isc.sans.edu/forums/diary/MS15034+HTTPsys+IIS+DoS+And+Possible+Remote+Code+Execution+PATCH+NOW/19583/#33943)
There is known exploit in the wild and we do not powershell way to test it. The one specified in this article does not work as AddRange would not allow to enter number bigger then Int64 and hence fail.
We need to use Private method within WebHeader collection but I’m stuck since code below does not return actual object which it shall.
[System.Net.WebHeaderCollection].GetType().GetMethod(“AddWithoutValidate”, 36) -eq $null