Check Point Advisories

Preemptive Protection against Microsoft IIS FTP Server Telnet IAC Buffer Overflow Vulnerability (MS11-004)

Check Point Reference: CPAI-2010-351
Date Published: 26 Dec 2010
Severity: Critical
Last Updated: Thursday 30 December, 2010
Source: Microsoft Security Research & Defense
Microsoft Security Bulletin MS11-004
Industry Reference: CVE-2010-3972
Protection Provided by:
Who is Vulnerable?
Microsoft Internet Information Services (IIS) 7.5

Vulnerability Description
A heap buffer overflow vulnerability has been reported in the Microsoft Internet Information Services (IIS) FTP Service. IIS is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes an FTP server service for exchanging and manipulating files over a TCP computer network. A remote attacker could use this vulnerability to cause a heap-based buffer overflow and execute arbitrary code on an affected system.

Update/Patch Available
Apply patches: Microsoft Security Bulletin MS11-004

Vulnerability Details
The vulnerability is due to memory corruption in the IIS FTP Service when it encodes Telnet IAC characters in an FTP response. A remote unauthenticated attacker may exploit this issue by sending a crafted FTP request to a target server. Successful exploitation of this vulnerability can lead to execution of arbitrary code or a denial of service condition of FTP services.
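
The encoding step named above expands data: under the Telnet rules (RFC 854), a literal 0xFF (IAC) byte is sent as two 0xFF bytes, so encoded output can be up to twice the size of its input. The bounds-checked encoder below is an added example, not Microsoft's code and not part of this advisory; the function names and the sample reply bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define TELNET_IAC 0xFF   /* "Interpret As Command" byte, RFC 854 */

/* Worst-case encoded size: every input byte is IAC and is doubled.
 * Returns 0 if the doubled length would not fit in size_t. */
size_t iac_escaped_max(size_t in_len)
{
    if (in_len > (size_t)-1 / 2)
        return 0;
    return in_len * 2;
}

/* Hypothetical helper: copy `in` to `out`, doubling each IAC byte.
 * Returns 0 and sets *out_len on success, -1 if `out` is too small.
 * Never writes past out[out_cap - 1]. */
int iac_escape(const unsigned char *in, size_t in_len,
               unsigned char *out, size_t out_cap, size_t *out_len)
{
    size_t w = 0;
    for (size_t r = 0; r < in_len; r++) {
        size_t need = (in[r] == TELNET_IAC) ? 2 : 1;
        if (out_cap - w < need)   /* capacity check before every write */
            return -1;
        out[w++] = in[r];
        if (need == 2)
            out[w++] = TELNET_IAC;
    }
    *out_len = w;
    return 0;
}

int main(void)
{
    /* Constructed sample: reply text containing two 0xFF bytes. */
    const unsigned char reply[] = { '5', '0', '0', ' ', 0xFF, 'a', 0xFF };
    unsigned char same[sizeof reply];       /* sized like the input */
    unsigned char worst[2 * sizeof reply];  /* sized for the worst case */
    size_t n = 0;

    int rc = iac_escape(reply, sizeof reply, same, sizeof same, &n);
    printf("input-sized buffer: rc=%d\n", rc);
    rc = iac_escape(reply, sizeof reply, worst, sizeof worst, &n);
    printf("worst-case buffer:  rc=%d, %zu bytes written\n", rc, n);
    return 0;
}
```

A buffer sized to the unencoded reply is rejected rather than overrun, while one sized with iac_escaped_max() always succeeds.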

Protection Overview
