This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
The remote FTP server is affected by multiple vulnerabilities.
The remote host has a version of IIS whose FTP service is affected by
one or both of the following vulnerabilities :
- By sending specially crafted list commands to the
remote Microsoft FTP service, an attacker is able
to cause the service to become unresponsive.
- A flaw in the way the installed Microsoft FTP service
in IIS handles list commands can be exploited to
execute remote commands in the context of the
LocalSystem account with IIS 5.0 under Windows 2000 or
to cause the FTP server to stop and become unresponsive
with IIS 5.1 under Windows XP or IIS 6.0 under Windows
See also :
Microsoft has released a set of patches for IIS 5.0, 5.1, 6.0, and
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.4
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 42109 ()
Bugtraq ID: 3627336189
CVE ID: CVE-2009-2521CVE-2009-3023
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.