Author Topic: MS IIS FTPD DoS ZER0DAY  (Read 2463 times)

0 Members and 1 Guest are viewing this topic.

September 04, 2009, 10:16:59 pm
Read 2463 times

pcaccent

  • Special Access
  • Sr. Member

  • Offline
  • *

  • 190
Quote
***** MS IIS FTPD DoS ZER0DAY *****

There is a DoS vulnerability in the globbing functionality of IIS FTPD.
Anonymous users can exploit this if they have read access to a directory!!!
Normal users can exploit this too if they can read a directory.
.
Quote
http://archives.free.net.ph/message/20090903.215352.6e5d3f0a.en.html
http://www.microsoft.com/technet/security/advisory/975191.mspx
http://blogs.technet.com/msrc/archive/2009/09/03/microsoft-security-advisory-975191-revised.aspx
http://isc.sans.org/diary.html?storyid=7063