Preemptive Protection against Microsoft Internet Information Services FTP Server Remote Buffer Overflow Vulnerability (MS09-053)
| Check Point Reference: | CPAI-2009-153 | |
| Date Published: | ||
| Preemptive Since: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Microsoft Security Advisory (975191) Microsoft Security Bulletin MS09-053 |
|
| Industry Reference(s): | CVE-2009-3023 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Microsoft Internet Information Services 5.x Microsoft Internet Information Services 6.0 | ||
| Vulnerability Description A remote code execution vulnerability has been discovered in Microsoft Internet Information Services (IIS). IIS is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes a FTP server service for exchanging and manipulating files over a TCP computer network. A remote attacker with write access in the FTP service could use this vulnerability to cause a stack-based overrun and execute arbitrary code in the context of the local system. |
||
|
Update/Patch Available Apply patches: Microsoft Security Bulletin MS09-053 |
|
|
Vulnerability Details The vulnerability is due to an error in IIS that fails to do sufficient bounds checking when processing an FTP NLST command. A remote attacker may exploit this issue by crafting an FTP session. Successful exploitation of this vulnerability would allow the attacker to take complete control of the affected system. |
Protection Overview
This protection will detect and block attempts to exploit this vulnerability. No update is required to address this vulnerability.
Users of Security Gateway R70 with the IPS Software Blade are automatically protected from this vulnerability if they use the Recommended Profile settings.
To configure the defense, select your product from the list below and follow the related protection steps.