Microsoft IIS 5.0 FTP Server Remote Stack Overflow Exploit (win2k sp4)

Microsoft IIS 5.0 FTP Server Remote Stack Overflow Exploit (win2k sp4)

US Cert Vulnerability Note VU#276653 notes that the Microsoft IIS FTP server contains a stack buffer overflow in the handling of directory names, which may allow a remote, authenticated attacker to execute arbitrary code on a vulnerable system.

In the actual exploit code, the author states that the vulnerability affects IIS 5.0, as well as IIS 6.0 with stack cookie protection

milw0rm 링크 < - 클릭