Microsoft has announced a vulnerability in the IIS FTP service. This vulnerability allows a stack-based buffer overflow, caused by improper bounds checking by the FTPd service. By sending an overly long NLST command, a remote attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the application to crash.
| IPS Vendor | Protection | Date | Link | |
| IBM/ISS | yes | Jun 6, 2002 Sept 3, 2003 |
http://bit.ly/2loiYU | |
| Cisco | yes | Sept 2, 2009 | http://bit.ly/YJ97S | |
| Mcafee | yes | Aug 31, 2009 | No link |
It is nice to see IBM/ISS with coverage dating back 6-7 years! The primary signature FTP_Mkd_Overflow was originally developed for a vulnerability in the WS_FTP Server will provide protection for this vulnerability as well, this signature is enabled by default.
Exploit code has been placed on Milw0rm and has been added to MetaSploit.
Blogger Labels: Microsoft,Advisory,FTPd,NLST,attacker,Cisco,Mcafee,coverage,signature,WS_FTP,Exploit,MetaSploit
| 
| 
| 
| 
| 
| 
