9 matches found
Microsoft IIS FTP Server Encoded Response Overflow Trigger
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS FTP Server Encoded Response Overflow Trigger', 'Description' = %q This module triggers a heap overflow when processing a specially...
Microsoft IIS FTP Server Telnet IAC Buffer Overflow (CVE-2010-3972)
A heap buffer overflow vulnerability exists within the Microsoft Internet Information Services IIS FTP Service. The vulnerability is due to a memory corruption encountered when encoding Telnet IAC characters in a FTP response. A remote unauthenticated attacker may exploit this vulnerability by...
MS11-004: Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
The IIS FTP service running on the remote host has a heap-based buffer overflow vulnerability. The 'TELNETSTREAMCONTEXT::OnSendData' function fails to properly sanitize user input, resulting in a buffer overflow. An unauthenticated, remote attacker can exploit this to execute arbitrary code. C...
Microsoft IIS FTP Server Encoded Response Overflow Trigger
This module triggers a heap overflow when processing a specially crafted FTP request containing Telnet IAC 0xff bytes. When constructing the response, the Microsoft IIS FTP Service overflows the heap buffer with 0xff bytes. This issue can be triggered pre-auth and may in fact be exploitable for...
Microsoft Windows IIS FTP Server DOS Vulnerability
Microsoft IIS with FTP server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-3972
Heap-based buffer overflow in the TELNETSTREAMCONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services IIS 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service daemon crash via a crafted FTP...
CVE-2010-3972
Heap-based buffer overflow in the TELNETSTREAMCONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services IIS 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service daemon crash via a crafted FTP...
CVE-2010-3972
Summary (CVE-2010-3972): A heap-based buffer overflow in the FTP service of Microsoft IIS (ftpsvc.dll) on IIS 7.0/7.5 enables remote code execution or DoS via a crafted FTP command. Affects Microsoft IIS FTP Service; root cause is improper handling of Telnet IAC data in TELNET_STREAM_CONTEXT::OnS...
CVE-2010-3972
creationtimestamp| type| source ---|---|--- 2010-12-21 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15803 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/windows/ftp/iis75ftpdiacbof.rb 2020-10-09 15:58:23+00:00|...