Vulnerability Note VU#842372

Microsoft IIS FTP server memory corruption vulnerability

Original Release date: 22 Dec 2010 | Last revised: 23 Dec 2010

Overview

Microsoft IIS FTP server 7.5 is affected by a pre-authentication memory corruption vulnerability.

Description

A specially crafted request sent to the IIS FTP service can result in memory corruption, causing the service to crash. A denial-of-service exploit has been released to the public. IIS 7.5.7600.16385 on Windows 7 is reported to be affected. Other versions may also be affected. Additional details are available on Microsoft's Security Research & Defense blog.

Impact

An attacker can cause a denial of service. Depending on the specifics of the vulnerability, an attacker could potentially execute arbitrary code.

Solution

We are currently unaware of a practical solution to this problem.

Restrict Access

Appropriate firewall rules should be implemented to restrict access to trusted sources. Customers of IPS vendors should request updated signatures for this vulnerability and block related traffic.
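
One way to apply the firewall restriction above on a host that has the NetSecurity PowerShell cmdlets (Windows 8 / Server 2012 and later), as an added example that is not part of the original note: it lists enabled inbound allow rules that expose the FTP control port to any remote address and, with -Apply, narrows the ones that name the port. The trusted addresses, the default port 21 and the helper name Get-PortCoverage are assumptions.

```powershell
# Added example (not from the advisory). Run elevated; needs the NetSecurity module.
# The addresses below are constructed placeholders from documentation ranges.
param(
    [string[]]$TrustedSources = @('192.0.2.0/24', '198.51.100.10'),
    [int]$FtpPort = 21,      # FTP control channel; passive data ports are not covered here
    [switch]$Apply           # without -Apply the script only reports
)

# Hypothetical helper: returns 'Any', 'Explicit' or $null for a rule's LocalPort list.
function Get-PortCoverage([string[]]$PortList, [int]$Port) {
    foreach ($entry in $PortList) {
        if ($entry -eq 'Any') { return 'Any' }
        if ($entry -match '^(\d+)-(\d+)$') {
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return 'Explicit' }
        } elseif (($entry -match '^\d+$') -and ([int]$entry -eq $Port)) { return 'Explicit' }
    }
    return $null
}

# Only enabled inbound allow rules can expose the service; inbound is otherwise
# blocked by the default profile policy.
$rules = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True

$findings = foreach ($rule in $rules) {
    $pf = $rule | Get-NetFirewallPortFilter
    $af = $rule | Get-NetFirewallAddressFilter
    if ($pf.Protocol -notin @('TCP', '6', 'Any')) { continue }
    $coverage = Get-PortCoverage $pf.LocalPort $FtpPort
    if ($coverage -and ($af.RemoteAddress -contains 'Any')) {
        [pscustomobject]@{ Name = $rule.Name; DisplayName = $rule.DisplayName
                           Coverage = $coverage; RemoteAddress = $af.RemoteAddress -join ',' }
    }
}
$findings | Format-Table -AutoSize

if ($Apply) {
    # Only rewrite rules that name the FTP port. An any-port rule also serves
    # other listeners, so it is reported above and left for manual review.
    $findings | Where-Object Coverage -eq 'Explicit' | ForEach-Object {
        Set-NetFirewallRule -Name $_.Name -RemoteAddress $TrustedSources
    }
}
```

Adding a new scoped allow rule alone does not restrict access while a broader allow rule for the same port remains enabled, which is why the script narrows the existing rules instead.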

Vendor Information

Vendor                 Status    Date Notified  Date Updated
Microsoft Corporation  Affected  -              22 Dec 2010
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

Credit

This vulnerability was reported to the public by Matthew Bergin via Exploit-DB.

This document was written by Jared Allar.

Other Information

  • CVE IDs: Unknown
  • Date Public: 21 Dec 2010
  • Date First Published: 22 Dec 2010
  • Date Last Updated: 23 Dec 2010
  • Severity Metric: 1.77
  • Document Revision: 10
