Lucene search

K
saintSAINT CorporationSAINT:6813D3D67F1003EDB85213063CAD08B6
HistorySep 03, 2009 - 12:00 a.m.

Microsoft IIS FTP Server NLST Command Remote Overflow

2009-09-0300:00:00
SAINT Corporation
download.saintcorporation.com
16

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

EPSS

0.97

Percentile

99.7%

Added: 09/03/2009
CVE: CVE-2009-3023
BID: 36189
OSVDB: 57589

Background

Microsoft Internet Information Server (IIS) includes a web server and an FTP server.

Problem

A stack overflow in the FTP server in IIS 5 and 6.0 via a crafted NLST command that uses wildcards allows remote authenticated users to execute arbitrary code in IIS 5 and to cause a denial of service in IIS 6.0.

Resolution

Apply the relevant Microsoft patch when it becomes available.

References

<http://www.securityfocus.com/bid/36189&gt;

Limitations

The FTP site directory must be writable and a valid user account must be provided.

Exploit works on IIS 5.0 on Windows 2000 SP4 English.

Platforms

Windows 2000

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

EPSS

0.97

Percentile

99.7%