Buffer Overflow in FTP Service of Microsoft Internet Information Services (IIS)
CVE-2009-3023

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Information Server
Vendor: CVE Published:; 31 August 2009

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 79%

What is CVE-2009-3023?

A buffer overflow vulnerability exists in the FTP Service of Microsoft Internet Information Services (IIS) versions 5.0 and 6.0, which can be exploited by remote authenticated users. This vulnerability occurs due to improper handling of the NLST command with wildcards, allowing attackers to execute arbitrary code on the affected system. Successful exploitation can result in memory corruption, causing significant security threats to the server including remote code execution and denial of service.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2009-3023 - Proof of Concept

References

http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN...

vendor-advisoryx_refsource_MSKB

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.securityfocus.com/bid/36189

vdb-entryx_refsource_BID

EPSS Score

79% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Aug 31, 2009
👾
Exploit known to exist
Aug 31, 2009
Vulnerability published
Aug 31, 2009
Vulnerability Reserved
Aug 31, 2009

CVE-2009-3023 Data

JSON