Microsoft IIS FTPd Remote Buffer Overflow Vulnerability
Schweregrad:: Kritisch
CVE Kennungen:: CVE-2009-3023
Hinweisdatum: 21 Juli 2015
Beschreibung
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Patch:: http://www.microsoft.com/technet/security/Bulletin/MS09-053.mspx
Trend Micro Deep Security DPI Rule Number: 1003698
Trend Micro Deep Security DPI Rule Name: 1003698 - Microsoft IIS FTPd Remote Buffer Overflow Vulnerability
Betroffene Software und Version:
- Microsoft IIS 6.0
- Microsoft IIS 5.0