Microsoft Internet Information Server (IIS) includes a web server and an FTP server.
A stack overflow in the FTP server in IIS 5 and 6.0 via a crafted NLST command that uses wildcards allows remote authenticated users to execute arbitrary code in IIS 5 and to cause a denial of service in IIS 6.0.
Apply the relevant Microsoft patch when it becomes available.
The FTP site directory must be writable and a valid user account must be provided.
Exploit works on IIS 5.0 on Windows 2000 SP4 English.