Check Point Advisories

Preemptive Protection against Microsoft Internet Information Services FTP Server Remote Buffer Overflow Vulnerability (MS09-053)

Check Point Reference: CPAI-2009-153
Date Published: 2 Sep 2009
Severity: Critical
Last Updated: Tuesday 13 October, 2009
Source: Microsoft Security Advisory (975191)
Microsoft Security Bulletin MS09-053
Industry Reference: CVE-2009-3023
Protection Provided by:
Who is Vulnerable? Microsoft Internet Information Services 5.x
Microsoft Internet Information Services 6.0
Vulnerability Description: A remote code execution vulnerability has been discovered in Microsoft Internet Information Services (IIS). IIS is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes an FTP server service for exchanging and manipulating files over a TCP computer network. A remote attacker with write access to the FTP service could use this vulnerability to cause a stack-based overrun and execute arbitrary code in the context of the local system.
Update/Patch Available: Apply patches:
Microsoft Security Bulletin MS09-053
Vulnerability Details: The vulnerability is due to an error in IIS that fails to do sufficient bounds checking when processing an FTP NLST command. A remote attacker may exploit this issue by crafting an FTP session. Successful exploitation of this vulnerability would allow the attacker to take complete control of the affected system.
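
One way to watch for the condition described under Vulnerability Details, as an added example that is not part of the Check Point advisory: the Python below scans client-to-server FTP control-channel lines and flags NLST commands whose argument exceeds a length limit. The 255-byte limit, the function names and the sample session are assumptions constructed for illustration; the advisory does not state a triggering length.

```python
# Added example (not from the advisory): flag FTP NLST commands that carry
# an unusually long argument on the control channel.

MAX_NLST_ARG = 255  # assumed site policy limit, not a value from the advisory


def parse_command(line: bytes):
    """Split one FTP control-channel line into (VERB, raw_argument_bytes)."""
    text = line.rstrip(b"\r\n")
    verb, _, arg = text.partition(b" ")
    # FTP verbs are case-insensitive, so normalise before comparing.
    return verb.upper().decode("ascii", "replace"), arg


def flag_nlst(lines, limit=MAX_NLST_ARG):
    """Return (line_number, arg_length) for each NLST argument longer than limit."""
    hits = []
    for number, line in enumerate(lines, 1):
        verb, arg = parse_command(line)
        # Length is measured in raw bytes, before any character decoding.
        if verb == "NLST" and len(arg) > limit:
            hits.append((number, len(arg)))
    return hits


# Constructed sample session: client-to-server lines only.
SAMPLE = [
    b"USER anonymous\r\n",
    b"PASS guest@example.invalid\r\n",
    b"NLST\r\n",                       # no argument: lists the current directory
    b"NLST pub/reports\r\n",           # ordinary short path
    b"nlst " + b"x" * 600 + b"\r\n",   # lowercase verb, oversized argument
    b"QUIT\r\n",
]

if __name__ == "__main__":
    for number, length in flag_nlst(SAMPLE):
        print(f"line {number}: NLST argument of {length} bytes exceeds limit")
```
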

Protection Overview
