Preemptive Protection against Microsoft IIS FTP Server Telnet IAC Buffer Overflow Vulnerability (MS11-004)
| Check Point Reference: | CPAI-2010-351 | |
| Date Published: | ||
| Preemptive Since: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Microsoft Security Research & Defense Microsoft Security Bulletin MS11-004 |
|
| Industry Reference(s): | CVE-2010-3972 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Microsoft Internet Information Services (IIS) 7.5 | ||
| Vulnerability Description A heap buffer overflow vulnerability has been reported within the Microsoft Internet Information Services (IIS) FTP Service. IIS is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes a FTP server service for exchanging and manipulating files over a TCP computer network. A remote attacker could use this vulnerability to cause a heap-based buffer overflow and execute arbitrary code on an affected system. |
||
|
Update/Patch Available Apply patches: Microsoft Security Bulletin MS11-004 |
|
|
Vulnerability Details The vulnerability is due to a memory corruption in the IIS FTP Service when encoding Telnet IAC characters in a FTP response. A remote unauthenticated attacker may exploit this issue by sending a crafted FTP request to a target server. Successful exploitation of this vulnerability can lead to execution of arbitrary code or a denial of service condition of FTP services.
|
Protection Overview
This protection will detect and block attempts to exploit this vulnerability. No update is required to address this vulnerability.
Users of Security Gateway R70/71/75 with the IPS Software Blade are automatically protected from this vulnerability if they use the Recommended Profile settings.
To configure the defense, select your product from the list below and follow the related protection steps.