{"vuid":"VU#842372","idnumber":"842372","name":"Microsoft IIS FTP server memory corruption vulnerability","keywords":["Microsoft","IIS","FTP Server","Pre-Authentication Memory Corruption"],"overview":"Microsoft IIS FTP server 7.5 is affected by a pre-authentication memory corruption vulnerability.","clean_desc":"A specifically crafted request sent to the IIS FTP service can result in memory corruption causing the service to crash. A denial-of-service exploit has been released to the public. IIS 7.5.7600.16385 on Windows 7 is reported to be affected. Other versions may also be affected. Additional details are available on Microsoft's Security Research & Defense blog.","impact":"An attacker can cause a denial of service. Depending on the specifics of the vulnerability, an attacker could potentially execute arbitrary code.","resolution":"We are currently unaware of a practical solution to this problem.","workarounds":"Restrict Access\nAppropriate firewall rules should be implemented to restrict access to trusted sources.\nCustomers of IPS vendors should request updated signatures for this vulnerability and block related traffic.","sysaffected":"","thanks":"This vulnerability was reported to the public by Matthew Bergin via Exploit-DB.","author":"This document was written by Jared Allar.","public":["http://blogs.technet.com/b/srd/archive/2010/12/22/assessing-an-iis-ftp-7-5-unauthenticated-denial-of-service-vulnerability.aspx","http://secunia.com/advisories/42713","http://www.exploit-db.com/exploits/15803/"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2010-12-22T16:39:10Z","publicdate":"2010-12-21T00:00:00Z","datefirstpublished":"2010-12-22T18:31:37Z","dateupdated":"2010-12-23T15:22:07Z","revision":11,"vrda_d1_directreport":"0","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"10","cam_impact":"3","cam_easeofexploitation":"15","cam_attackeraccessrequired":"7","cam_scorecurrent":"1.771875","cam_scorecurrentwidelyknown":"1.771875","cam_scorecurrentwidelyknownexploited":"2.953125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.771875,"vulnote":null}