SECUNIA ADVISORY ID: SA42713
VERIFY ADVISORY: Secunia.com: http://secunia.com/advisories/42713/
CRITICALITY: Highly Critical
RELEASE DATE: 2010-12-23
DESCRIPTION: Matthew Bergin has discovered a vulnerability in Microsoft Internet Information Services (IIS), which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is confirmed in a fully patched IIS 7.5 for Windows 7 Professional. Other versions may also be affected.
The vulnerability is caused due to an error when processing FTP requests and can be exploited to corrupt memory via an overly long, specially crafted request. Successful exploitation may allow execution of arbitrary code.
SOLUTION: Restrict traffic to the FTP service.
PROVIDED AND/OR DISCOVERED BY: Matthew Bergin
ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15803/
|
This article comes from Ravens PHP Scripts
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3876
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3876