ID de Prueba:	1.3.6.1.4.1.25623.1.0.900944
Categoría:	Denial of Service
Título:	Microsoft IIS FTP Server 'ls' Command DoS Vulnerability
Resumen:	Microsoft IIS with FTP server is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: Microsoft IIS with FTP server is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: A stack consumption error occurs in the FTP server while processing crafted LIST command containing a wildcard that references a subdirectory followed by a .. (dot dot). Vulnerability Impact: Successful exploitation will allow remote authenticated users to crash the application leading to denial of service condition. Affected Software/OS: Microsoft Internet Information Services version 5.0 and 6.0. Solution: Upgrade to IIS version 7.5 CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2521 Cert/CC Advisory: TA09-286A http://www.us-cert.gov/cas/techalerts/TA09-286A.html http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0040.html Microsoft Security Bulletin: MS09-053 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-053 Microsoft Knowledge Base article: 975191 http://support.microsoft.com/default.aspx?scid=kb;[LN];Q975191 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6508
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.