IIS Malformed FTP List Request Vulnerability
A buffer overflow exists in a component that processes "list" commands in the Internet Information Server FTP service. This vulnerability could allow denial of service attacks against the server or, under certain conditions, could allow arbitrary code to be executed on the server.
Issue
The FTP service in IIS has an unchecked buffer in a component that processes "list" commands. This results in a vulnerability that poses two threats to safe operation. The first is a denial of service threat; a malformed "list" request could overflow the buffer causing the server to crash. The second is more esoteric and would be far more difficult to exploit. A carefully-constructed "list" request could cause arbitrary code to execute on the server via a classic buffer overrun technique. Neither variant could be exploited accidentally.
It is noteworthy that the "list" command is only available to users after they have authenticated to the server. As a result, only users who are authorized to use the server would be able to mount such an attack, and their presence on the server could be logged if the owner of the site chose to do so. However, many sites provide guest accounts, and this could allow a malicious user to attack the server anonymously.
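The class of defect described above (a fixed-size buffer filled from a client-supplied "list" argument with no length check), shown next to a bounds-checked form. This is an added illustration in C, not IIS code and not taken from Microsoft; the function names, the status codes and the 260-byte limit are assumptions made for the example.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define LIST_PATH_MAX 260   /* assumed limit for this example, not an IIS value */

enum list_status { LIST_OK, LIST_NOT_LIST, LIST_TOO_LONG, LIST_BAD_BYTE };

/* Unchecked pattern: the number of bytes copied is decided by the client. */
void list_arg_unchecked(const char *arg, char out[LIST_PATH_MAX])
{
    strcpy(out, arg);               /* writes past out[] when arg is too long */
}

/* Checked form: validate the whole command line before any byte is copied.
 * line/len is one control-channel line with the trailing CRLF removed. */
enum list_status list_arg_checked(const char *line, size_t len,
                                  char *out, size_t out_cap)
{
    static const char verb[] = "LIST";
    size_t i, start, arg_len;

    if (out_cap == 0)
        return LIST_TOO_LONG;
    out[0] = '\0';                  /* output is empty on every rejection */

    /* FTP verbs are case-insensitive, followed by a space or end of line. */
    if (len < 4)
        return LIST_NOT_LIST;
    for (i = 0; i < 4; i++)
        if (toupper((unsigned char)line[i]) != verb[i])
            return LIST_NOT_LIST;
    if (len > 4 && line[4] != ' ')
        return LIST_NOT_LIST;

    start = 4;
    while (start < len && line[start] == ' ')
        start++;                    /* skip separator spaces */
    arg_len = len - start;

    /* Reject rather than truncate: a truncated path names a different target. */
    if (arg_len >= out_cap)
        return LIST_TOO_LONG;
    /* A NUL or other control byte is never part of a valid path argument. */
    for (i = start; i < len; i++)
        if ((unsigned char)line[i] < 0x20 || line[i] == 0x7f)
            return LIST_BAD_BYTE;

    memcpy(out, line + start, arg_len);
    out[arg_len] = '\0';
    return LIST_OK;
}
```

Returning a distinct status for oversized and malformed requests lets the server log the rejection against the authenticated (or guest) account that sent it.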
Affected Products
- Internet Information Server 3.0 and 4.0
Solution
Microsoft has posted hot fixes to address this problem. Please note that all of these patches are designed to be applied atop Windows NT 4.0 SP4.
- Fix for X86 version of IIS 3.0:
  ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/security/ftpls-fix/ftpls3i.exe
- Fix for Alpha version of IIS 3.0:
  ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/security/ftpls-fix/ftpls3a.exe
- Fix for X86 version of IIS 4.0:
  ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/security/ftpls-fix/ftpls4i.exe
- Fix for Alpha version of IIS 4.0:
  ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/security/ftpls-fix/ftpls4a.exe
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: February 3, 1999


