Check Point Advisories

Preemptive Protection against Microsoft Internet Information Services FTP Server Remote Buffer Overflow Vulnerability (MS09-053)

Check Point Reference: CPAI-2009-153
Date Published: 2 Sep 2009
Severity: Critical
Last Updated: 13 Oct 2009
Source: Microsoft Security Advisory (975191); Microsoft Security Bulletin MS09-053
Industry Reference: CVE-2009-3023
Protection Provided by:
Who is Vulnerable? Microsoft Internet Information Services 5.x; Microsoft Internet Information Services 6.0
Vulnerability Description: A remote code execution vulnerability has been discovered in Microsoft Internet Information Services (IIS). IIS is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes an FTP server service for exchanging and manipulating files over a TCP computer network. A remote attacker with write access in the FTP service could use this vulnerability to cause a stack-based overrun and execute arbitrary code in the context of the local system.
Update/Patch Available: Apply patches: Microsoft Security Bulletin MS09-053
Vulnerability Details: The vulnerability is due to an error in IIS that fails to do sufficient bounds checking when processing an FTP NLST command. A remote attacker may exploit this issue by crafting an FTP session. Successful exploitation of this vulnerability would allow the attacker to take complete control of the affected system.
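
A defender-side check for the condition described above, as an added example that is not part of the Check Point advisory or any vendor signature: it scans captured FTP control-channel lines and flags NLST commands whose argument exceeds a length limit, reporting the account in use on that session. The 260-byte limit, the record layout and the sample capture are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Assumption: alert above 260 bytes (Windows MAX_PATH). The advisory states no
# length, so tune this to the longest path your FTP site legitimately serves.
MAX_NLST_ARG = 260

@dataclass
class Finding:
    session: str
    user: str       # last USER seen on the session; the flaw needs write access
    line_no: int
    arg_len: int

def parse_command(raw: bytes):
    """Split one control-channel line into (VERB, argument bytes)."""
    verb, _, arg = raw.rstrip(b"\r\n").partition(b" ")
    return verb.decode("ascii", "replace").upper(), arg.strip()

def scan(records, limit=MAX_NLST_ARG):
    """records: iterable of (session_id, raw_line) pairs in capture order."""
    users, findings = {}, []
    for line_no, (session, raw) in enumerate(records, start=1):
        verb, arg = parse_command(raw)
        if verb == "USER":
            users[session] = arg.decode("ascii", "replace")
        elif verb == "NLST" and len(arg) > limit:
            findings.append(
                Finding(session, users.get(session, "?"), line_no, len(arg)))
    return findings

# Constructed sample capture (not real traffic): one oversized NLST in session s2.
SAMPLE = [
    ("s1", b"USER anonymous\r\n"),
    ("s1", b"NLST /pub/*.txt\r\n"),
    ("s2", b"USER upload\r\n"),
    ("s2", b"nlst " + b"x" * 600 + b"\r\n"),
    ("s2", b"LIST " + b"x" * 600 + b"\r\n"),  # other verbs are out of scope here
]

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f"session={f.session} user={f.user} line={f.line_no} "
              f"NLST argument is {f.arg_len} bytes")
```

A hit from this check is a triage lead for the session and account involved; applying the MS09-053 patch remains the fix.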

Protection Overview
