Vulnerability Details : CVE-2009-3023
Public exploit exists!
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
Vulnerability category: OverflowMemory CorruptionExecute codeDenial of service
Products affected by CVE-2009-3023
- Microsoft » Internet Information ServerVersions from including (>=) 5.0 and up to, including, (<=) 6.0cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*When used together with: Microsoft » Windows Xp » Version: N/A Update SP2 Professional Edition For X64
Exploit prediction scoring system (EPSS) score for CVE-2009-3023
97.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2009-3023
-
MS09-053 Microsoft IIS FTP Server NLST Response Overflow
Disclosure Date: 2009-08-31First seen: 2020-04-26exploit/windows/ftp/ms09_053_ftpd_nlstThis module exploits a stack buffer overflow flaw in the Microsoft IIS FTP service. The flaw is triggered when a special NLST argument is passed while the session has changed into a long directory path. For this exploit to work, the FTP server must be configured to
CVSS scores for CVE-2009-3023
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST |
CWE ids for CVE-2009-3023
-
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-3023
-
http://www.vupen.com/english/advisories/2009/2481
Third Party Advisory
-
http://www.exploit-db.com/exploits/9541
Exploit;Third Party Advisory;VDB Entry
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6080
Third Party Advisory
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-053
Patch;Vendor Advisory
-
http://www.us-cert.gov/cas/techalerts/TA09-286A.html
Microsoft Updates for Multiple Vulnerabilities | CISAThird Party Advisory;US Government Resource
-
http://www.exploit-db.com/exploits/9559
Exploit;Third Party Advisory;VDB Entry
-
http://www.kb.cert.org/vuls/id/276653
Third Party Advisory;US Government Resource
-
http://www.securityfocus.com/bid/36189
Microsoft IIS FTPd NLST Remote Buffer Overflow VulnerabilityExploit;Third Party Advisory;VDB Entry
-
http://support.microsoft.com/default.aspx?scid=kb;[LN];Q975191
Patch;Vendor Advisory
Jump to