Professional Webmasters Community
Would you like to react to this message? Create an account in a few clicks or log in to continue.
Professional Webmasters Community

your are free to explore your reviews, thoughts, suggestion and guidelines on every online tech talk.


MS IIS FTPD DoS ZER0DAY

Professional Webmasters Community :: Webmaster Speak :: Tech Talk

Go down

MS IIS FTPD DoS ZER0DAY Empty MS IIS FTPD DoS ZER0DAY

Post  andry Fri Oct 29, 2010 7:10 am

Microsoft Internet Information Services 5.0/6.0 FTP SERVER DENIAL OF SERVICE

There is a DoS vulnerability in the globbing functionality of IIS FTPD.
Anonymous users can exploit this if they have read access to a directory!!!
Normal users can exploit this too if they can read a directory.

Example session where the anonymous user has read access to the folder "pub":

See:http://archives.free.net.ph
andry
andry
Moderator
Moderator

Posts : 467
Join date : 2010-05-07

Back to top Go down

Back to top

Professional Webmasters Community :: Webmaster Speak :: Tech Talk

 
Permissions in this forum:
You cannot reply to topics in this forum