MS09-053: Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is affected by multiple vulnerabilities.

Description :

The remote host has a version of IIS whose FTP service is affected by
one or both of the following vulnerabilities :

- By sending specially crafted list commands to the
remote Microsoft FTP service, an attacker is able
to cause the service to become unresponsive.
(CVE-2009-2521)

- A flaw in the way the installed Microsoft FTP service
in IIS handles list commands can be exploited to
execute remote commands in the context of the
LocalSystem account with IIS 5.0 under Windows 2000 or
to cause the FTP server to stop and become unresponsive
with IIS 5.1 under Windows XP or IIS 6.0 under Windows
2003. (CVE-2009-3023)

See also :

https://technet.microsoft.com/library/security/MS09-053

Solution :

Microsoft has released a set of patches for IIS 5.0, 5.1, 6.0, and
7.0.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 42109 ()

Bugtraq ID: 36273
36189

CVE ID: CVE-2009-2521
CVE-2009-3023

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial