Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-3023
HistoryAug 31, 2009 - 8:30 p.m.

CVE-2009-3023

2009-08-3120:30:01
CWE-120
[email protected]
web.nvd.nist.gov
6

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.971

Percentile

99.8%

JSON

Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka “IIS FTP Service RCE and DoS Vulnerability.”

Affected configurations

Nvd
Node
microsoftinternet_information_serverRange5.06.0
AND
microsoftwindows_2000Match-sp4
OR
microsoftwindows_server_2003Match-sp2itanium
OR
microsoftwindows_server_2003Match-sp2x64
OR
microsoftwindows_xpMatch-sp2
OR
microsoftwindows_xpMatch-sp2professionalx64
OR
microsoftwindows_xpMatch-sp3
Node
microsoftwindows_server_2008Match--itanium
OR
microsoftwindows_server_2008Match--x64
OR
microsoftwindows_server_2008Match--x86
OR
microsoftwindows_server_2008Match-sp2itanium
OR
microsoftwindows_server_2008Match-sp2x86
OR
microsoftwindows_server_2008Match-sp2-x86
OR
microsoftwindows_vistaMatch--
OR
microsoftwindows_vistaMatch-x64
OR
microsoftwindows_vistaMatch-sp1-
OR
microsoftwindows_vistaMatch-sp1-x64
OR
microsoftwindows_vistaMatch-sp2
OR
microsoftwindows_vistaMatch-sp2-x64

Related

seebug 2
saint 4
canvas 1
cve 1
cvelist 1
metasploit 1
packetstorm 1
checkpoint_advisories 2
nessus 2
prion 1
openvas 3
exploitdb 1
securityvulns 1
myhack58 1
seebug
seebug
Microsoft IIS FTPd服务NLST命令远程栈溢出漏洞
2009-09-02 00:00:00
Microsoft IIS FTPd服务NLST命令远程栈溢出漏洞(MS09-053)
2009-10-16 00:00:00
saint
saint
Microsoft IIS FTP Server NLST Command Remote Overflow
2009-09-03 00:00:00
Microsoft IIS FTP Server NLST Command Remote Overflow
2009-09-03 00:00:00
Microsoft IIS FTP Server NLST Command Remote Overflow
2009-09-03 00:00:00
canvas
canvas
Immunity Canvas: IISFTP_NLST
2009-08-31 20:30:00
cve
cve
CVE-2009-3023
2009-08-31 20:30:01
cvelist
cvelist
CVE-2009-3023
2009-08-31 20:00:00
metasploit
metasploit
MS09-053 Microsoft IIS FTP Server NLST Response Overflow
2010-10-05 23:39:14
packetstorm
packetstorm
Microsoft IIS FTP Server NLST Response Overflow
2010-10-06 00:00:00
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against Microsoft Internet Information Services FTP Server Remote Buffer Overflow Vulnerability (MS09-053)
2009-09-02 00:00:00
Microsoft IIS FTP Server Recursive Listing Denial of Service (CVE-2009-2521; CVE-2009-3023)
2009-09-08 00:00:00
nessus
nessus
MS09-053: Microsoft IIS FTPd NLST Command Remote Buffer Overflow (975191) (uncredentialed check)
2009-10-13 00:00:00
MS09-053: Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)
2009-10-13 00:00:00
prion
prion
Buffer overflow
2009-08-31 20:30:00
openvas
openvas
Microsoft IIS FTPd NLST stack overflow
2009-09-02 00:00:00
Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
2009-10-15 00:00:00
Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254)
2009-10-15 00:00:00
exploitdb
exploitdb
Microsoft IIS FTP Server - NLST Response Overflow (MS09-053) (Metasploit)
2010-11-12 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS09-053 - Important Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)
2009-10-13 00:00:00
myhack58
myhack58
Those years make us tremble in fear of the IIS vulnerability-vulnerability warning-the black bar safety net
2018-11-23 00:00:00

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.971

Percentile

99.8%

JSON
Related for NVD:CVE-2009-3023
seebug2saint4canvas1cve1cvelist1metasploit1packetstorm1checkpoint_advisories2nessus2prion1openvas3exploitdb1securityvulns1myhack581