Vulnerability in Internet Information Services FTP Service Could Allow Remote Code Execution
Description
Microsoft is investigating reports of multiple vulnerabilities in the FTP Service in Microsoft Internet Information Services (IIS) 5.0, 5.1, 6.0 and 7.0. An attacker who successfully exploited these vulnerabilities on an IIS 5.0 system could execute code in the context of the local system. On an IIS 5.1, 6.0 or 7.0 system, the attacker could cause the FTP service to crash.
Although these vulnerabilities are not being actively exploited, detailed exploit code has been released.
Versions Affected
- Windows 2000 - IIS 5.0
- Windows XP - IIS 5.1
- Windows Server 2003 - IIS 6.0
- Windows Vista - IIS 7.0 (FTP Service 6.0)
- Windows Server 2008 - IIS 7.0 (FTP Service 6.0)
Vendor Response
Microsoft has released a security advisory which gives details of the problem. Microsoft is currently working to develop a security update for Windows to address this vulnerability and will release the update when it has reached an appropriate level of quality for broad distribution.
More Information
