SECUNIA ADVISORY ID: SA42713
VERIFY ADVISORY: Secunia.com: http://secunia.com/advisories/42713/
CRITICALITY: Highly Critical
RELEASE DATE: 2010-12-23
DESCRIPTION: Matthew Bergin has discovered a vulnerability in Microsoft Internet Information Services (IIS), which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is confirmed in a fully patched IIS 7.5 for Windows 7 Professional. Other versions may also be affected.
The vulnerability is caused due to an error when processing FTP requests and can be exploited to corrupt memory via an overly long, specially crafted request. Successful exploitation may allow execution of arbitrary code.
SOLUTION: Restrict traffic to the FTP service.
PROVIDED AND/OR DISCOVERED BY: Matthew Bergin
ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15803/
Microsoft IIS FTP Server Pre-Authentication Memory CorruptionPosted on Wednesday, December 22, 2010 @ 21:08:13 UTC in Security Associated Topics
 |
Related
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
