Check Point Advisories

Preemptive Protection against Microsoft IIS FTP Server Telnet IAC Buffer Overflow Vulnerability (MS11-004)

Check Point Reference: CPAI-2010-351
Date Published: 26 Dec 2010
Severity: Critical
Last Updated: 30 Dec 2010
Source: Microsoft Security Research & Defense
Microsoft Security Bulletin MS11-004
Industry Reference:CVE-2010-3972
Protection Provided by:
Who is Vulnerable? Microsoft Internet Information Services (IIS) 7.5
Vulnerability Description A heap buffer overflow vulnerability has been reported within the Microsoft Internet Information Services (IIS) FTP Service. IIS is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes a FTP server service for exchanging and manipulating files over a TCP computer network. A remote attacker could use this vulnerability to cause a heap-based buffer overflow and execute arbitrary code on an affected system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS11-004 
Vulnerability Details
The vulnerability is due to a memory corruption in the IIS FTP Service when encoding Telnet IAC characters in a FTP response. A remote unauthenticated attacker may exploit this issue by sending a crafted FTP request to a target server. Successful exploitation of this vulnerability can lead to execution of arbitrary code or a denial of service condition of FTP services.

Protection Overview

This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO