Vulnerability Details : CVE-2010-3972 (1 public exploit)

Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.
Publish Date : 2010-12-23 Last Update Date : 2021-02-05

Collapse All Expand All Select Select&Copy	Scroll To Vendor Statements(0) Additional Vendor Data(0) OVAL Definitions(0) Vulnerable Products(0) # Of Vulns By Products References(0) Metasploit Modules(0)	Comments View User Comments Add Comment	External Links Secunia Advisories XForce Advisories Vulnerability Details at NVD Vulnerability Details at Mitre Nessus Plugins Linux Kernel Git Repository First CVSS Guide
Search Twitter Search YouTube Search Google

- CVSS Scores & Vulnerability Types

CVSS Score	10.0
Confidentiality Impact	Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact	Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact	Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity	Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication	Not required (Authentication is not required to exploit the vulnerability.)
Gained Access	None
Vulnerability Type(s)	Denial Of ServiceExecute CodeOverflowObtain Information
CWE ID	119

- Related OVAL Definitions

Title	Definition Id	Class	Family
IIS FTP Service Heap Buffer Overrun Vulnerability	oval:org.mitre.oval:def:12370		windows
MS11-004: Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)	oval:gov.nist.fdcc.patch:def:11730		windows

OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2010-3972

#	Product Type	Vendor	Product	Version	Update	Edition	Language
1	Application	Microsoft	Internet Information Services	7.5	*	*	*	Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor	Product	Vulnerable Versions
Microsoft	Internet Information Services	1

- References For CVE-2010-3972

http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx

https://exchange.xforce.ibmcloud.com/vulnerabilities/64248
XF ms-iis-onsenddata-bo(64248)

http://www.kb.cert.org/vuls/id/842372
CERT-VN VU#842372

http://www.securitytracker.com/id?1024921
SECTRACK 1024921

Exploit! http://www.exploit-db.com/exploits/15803
EXPLOIT-DB 15803 Windows 7 IIS7.5 FTPSVC UNAUTH'D Remote DoS PoC Author:Matthew Bergin Release Date:2010-12-21 (windows) dos

http://www.securityfocus.com/bid/45542
BID 45542 Microsoft IIS FTP Service Remote Buffer Overflow Vulnerability Release Date:2011-03-08

http://www.vupen.com/english/advisories/2010/3305
VUPEN ADV-2010-3305

http://secunia.com/advisories/42713
SECUNIA 42713

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12370
OVAL oval:org.mitre.oval:def:12370

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-004
MS MS11-004

- Metasploit Modules Related To CVE-2010-3972

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)