Oval Definition:oval:org.mitre.oval:def:6080
Revision Date:2011-10-31
Version:20
Title:IIS FTP Service RCE and DoS Vulnerability
Description:Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
Family:windows
Class:vulnerability
Status:ACCEPTED
Reference(s):CVE-2009-3023
Platform(s):Microsoft Windows 2000, Microsoft Windows Server 2003, Microsoft Windows XP
Product(s):Microsoft Internet Information Server (IIS)
Definition Synopsis
  • Windows 2000 SP4 - IIS 5.0 (FTP Service 5.0)
    • Microsoft Windows 2000 SP4 or later is installed
    • AND Microsoft IIS 5.0 is installed
    • AND The version of ftpsvc2.dll is less than 5.0.2195.7336
  • OR Windows XP x86 SP2 - IIS 5.1 (FTP Service 5.1)
    • Microsoft Windows XP (x86) SP2 is installed
    • AND Microsoft IIS 5.1 is installed
    • AND The version of ftpsvc2.dll is less than 6.0.2600.3624
  • OR Windows XP x86 SP3 - IIS 5.1 (FTP Service 5.1)
    • Microsoft Windows XP (x86) SP3 is installed
    • AND Microsoft IIS 5.1 is installed
    • AND The version of ftpsvc2.dll is less than 6.0.2600.5875
  • OR Windows XP SP2 x64/Windows 2003 SP2 (x86/x64/ia64) - IIS 6.0 (FTP Service 6.0)
    • Windows XP SP2 x64/Windows 2003 SP2 (x86/x64/ia64)
      • Microsoft Windows XP x64 Edition SP2 is installed
      • OR Microsoft Windows Server 2003 SP2 (x86) is installed
      • OR Microsoft Windows Server 2003 SP2 (x64) is installed
      • OR Microsoft Windows Server 2003 (ia64) Gold is installed
    • AND Microsoft IIS 6.0 is installed
    • AND The version of ftpsvc2.dll is less than 6.0.3790.4584