Preface: FTP NLST directory overflowLogo -Internet Security Systems

FTP NLST directory overflow
advICE :Intrusions : 2001319
 FAQ
Oh my gosh, I'm being HACKED!!!
How do I report the hacker to my ISP?
I'm seeing lots of attacks, is this normal?
Summary

An attempt has been made to overflow the NLST command.on the target FTP server.

Details

Some FTP servers do not bounds-check a supplied directory name. This can result in a classic buffer-overflow bug allowing an intruder to break into the system.

Defense

Most systems are not vulnerable to this bug. See below to see if your system is one of those listed.

 more information
BugtraqID: 192   NT IIS FTP DoS / Buffer Overflow Vulnerability
 
Q188348  
 
CVE-1999-0349   IIS NLST buffer overflow
 
MS Bulletin: MS99-003  
  
 
Version appeared: 2.1
Privacy Policy |  Copyright Info