This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.
The remote FTP server is affected by multiple vulnerabilities.
The remote host has a version of IIS whose FTP service is affected by
one or both of the following vulnerabilities :
- By sending specially crafted list commands to the
remote Microsoft FTP service, an attacker is able
to cause the service to become unresponsive.
- A flaw in the way the installed Microsoft FTP service
in IIS handles list commands can be exploited to
execute remote commands in the context of the
LocalSystem account with IIS 5.0 under Windows 2000 or
to cause the FTP server to stop and become unresponsive
with IIS 5.1 under Windows XP or IIS 6.0 under Windows
See also :
Microsoft has released a set of patches for IIS 5.0, 5.1, 6.0, and
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.4
Public Exploit Available : true