CVE-1999-0349

Properties

Published:
26.01.1999
Updated:
14.08.2018
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Product:
microsoft: internet_information_server
microsoft: internet_information_server

Vulnerability description

A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.

References:

MSKB: http://support.microsoft.com/default.aspx?scid=kb;[LN];Q188348
EEYE: http://www.eeye.com/html/Research/Advisories/IIS%20Remote%20FTP%20Exploit/DoS%20Attack.html
MS: http://www.microsoft.com/technet/security/bulletin/ms99-003.mspx