Lucene search

K
saintSAINT CorporationSAINT:54344E071A068774A374DCE7F7795E80
HistorySep 03, 2009 - 12:00 a.m.

Microsoft IIS FTP Server NLST Command Remote Overflow

2009-09-0300:00:00
SAINT Corporation
download.saintcorporation.com
148

EPSS

0.97

Percentile

99.7%

Added: 09/03/2009
CVE: CVE-2009-3023
BID: 36189
OSVDB: 57589

Background

Microsoft Internet Information Server (IIS) includes a web server and an FTP server.

Problem

A stack overflow in the FTP server in IIS 5 and 6.0 via a crafted NLST command that uses wildcards allows remote authenticated users to execute arbitrary code in IIS 5 and to cause a denial of service in IIS 6.0.

Resolution

Apply the relevant Microsoft patch when it becomes available.

References

<http://www.securityfocus.com/bid/36189&gt;

Limitations

The FTP site directory must be writable and a valid user account must be provided.

Exploit works on IIS 5.0 on Windows 2000 SP4 English.

Platforms

Windows 2000