Описание
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-3023
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-053
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6080
- http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ975191
- http://support.microsoft.com/default.aspx?scid=kb;[LN];Q975191
- http://www.exploit-db.com/exploits/9541
- http://www.exploit-db.com/exploits/9559
- http://www.kb.cert.org/vuls/id/276653
- http://www.securityfocus.com/bid/36189
- http://www.us-cert.gov/cas/techalerts/TA09-286A.html
- http://www.vupen.com/english/advisories/2009/2481
Связанные уязвимости
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
Уязвимость программного пакета Internet Informatiom Services, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Уязвимость программного пакета Internet Informatiom Services, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код