var-200908-0339
Vulnerability from variot

Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

This issue affects the following:

 * IIS 5.0
 * IIS 5.1
 * IIS 6.0 (denial of service only)
 * IIS 7.0 (denial of service only)

Note that Microsoft IIS 7.0 with FTP Service 7.5 is not affected. Other versions may also be affected.

NOTE: This issue cannot be exploited to execute arbitrary code on IIS 6.0 or 7.0.

NOTE (September 1, 2009): This issue can be exploited to execute arbitrary code with SYSTEM-level privileges on IIS 5.0.

UPDATE (September 8, 2009): This issue may be related to a vulnerability reported in 1999 affecting IIS 3 and IIS 4. We will update this BID as more details emerge.

The vulnerability is caused due to a boundary error in the FTP server when processing NLST commands. This can be exploited to cause a stack-based buffer overflow by issuing a specially crafted NLST command.

The vulnerability is confirmed as a DoS in IIS 5.1 for Windows XP SP3 and in IIS 6.0 for Windows Server 2003, and reported as code execution in IIS 5.0 for Windows 2000 SP4.

SOLUTION: Restrict access to trusted users only.

PROVIDED AND/OR DISCOVERED BY: Kingcope

ORIGINAL ADVISORY: http://milw0rm.com/exploits/9541

OTHER REFERENCES: VU#276653: http://www.kb.cert.org/vuls/id/276653


About: This Advisory was delivered by Secunia as a free service to help everybody keep their systems up to date against the latest vulnerabilities.

                National Cyber Alert System

          Technical Cyber Security Alert TA09-286A

Microsoft Updates for Multiple Vulnerabilities

Original release date: Last revised: -- Source: US-CERT

Systems Affected

 * Microsoft Windows and Windows Server
 * Microsoft Internet Explorer
 * Microsoft Office
 * Microsoft .NET Framework
 * Microsoft Silverlight
 * Microsoft SQL Server
 * Microsoft Developer Tools
 * Microsoft Forefront

Overview

Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server, Internet Explorer, Office, .NET Framework, Silverlight, SQL Server, Developer Tools, and Forefront.

I. Description

Microsoft has released multiple security bulletins for critical vulnerabilities in Microsoft Windows and Windows Server, Internet Explorer, Office, .NET Framework, Silverlight, SQL Server, Developer Tools, and Forefront. These bulletins are described in the Microsoft Security Bulletin Summary for October 2009.

II.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for October 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

IV. References


The most recent version of this document can be found at:

 <http://www.us-cert.gov/cas/techalerts/TA09-286A.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA09-286A Feedback VU#788021" in the subject.



Produced 2009 by US-CERT, a government organization.

Revision History

October 13, 2009: Initial release


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200908-0339",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "microsoft",
        "version": "6.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "microsoft",
        "version": "5.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "microsoft",
        "version": "5.1"
      },
      {
        "model": "internet information server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "6.0"
      },
      {
        "model": "internet information server",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "iis",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "7.5"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "BID",
        "id": "36189"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002072"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200908-498"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3023"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:microsoft:iis",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002072"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Kingcope\u203b kingcope@gmx.net",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200908-498"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2009-3023",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2009-3023",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2009-3023",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#276653",
            "trust": 0.8,
            "value": "20.81"
          },
          {
            "author": "NVD",
            "id": "CVE-2009-3023",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200908-498",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002072"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200908-498"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3023"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka \"IIS FTP Service RCE and DoS Vulnerability.\". \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \nThis issue affects the following:\nIIS 5.0\nIIS 5.1\nIIS 6.0 (denial of service only)\nIIS 7.0 (denial of service only)\nNote that Microsoft IIS 7.0 with FTP Service 7.5 is not affected. \nOther versions may also be affected. \nNOTE: This issue cannot be exploited to execute arbitrary code on IIS 6.0 or 7.0. \nNOTE (September 1, 2009): This issue can be exploited to execute arbitrary code with SYSTEM-level privileges on IIS 5.0. \nUPDATE (September 8, 2009);  This issue may be related to a vulnerability reported in 1999 affecting IIS 3 and IIS 4.  We will update this BID as more details emerge. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nThe vulnerability is caused due to a boundary error in the FTP server\nwhen processing NLST commands. This can be exploited to cause a\nstack-based buffer overflow by issuing a specially crafted NLST\ncommand. \n\nThe vulnerability is confirmed as a DoS in IIS 5.1 for Windows XP SP3\nand in IIS 6.0 for Windows Server 2003, and reported as code execution\nin IIS 5.0 for Windows 2000 SP4. \n\nSOLUTION:\nRestrict access to trusted users only. 
\n\nPROVIDED AND/OR DISCOVERED BY:\nKingcope\n\nORIGINAL ADVISORY:\nhttp://milw0rm.com/exploits/9541\n\nOTHER REFERENCES:\nVU#276653:\nhttp://www.kb.cert.org/vuls/id/276653\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n                    National Cyber Alert System\n\n              Technical Cyber Security Alert TA09-286A\n\n\nMicrosoft Updates for Multiple Vulnerabilities\n\n   Original release date: \n   Last revised: --\n   Source: US-CERT\n\n\nSystems Affected\n\n     * Microsoft Windows and Windows Server\n     * Microsoft Internet Explorer\n     * Microsoft Office\n     * Microsoft .NET Framework\n     * Microsoft Silverlight\n     * Microsoft SQL Server\n     * Microsoft Developer Tools\n     * Microsoft Forefront\n\n\nOverview\n\n   Microsoft has released updates to address vulnerabilities in\n   Microsoft Windows and Windows Server, Internet Explorer, Office,\n   .NET Framework, Silverlight, SQL Server, Developer Tools, and\n   Forefront. \n\n\nI. 
Description\n\n   Microsoft has released multiple security bulletins for critical\n   vulnerabilities in Microsoft Windows and Windows Server, Internet\n   Explorer, Office, .NET Framework, Silverlight, SQL Server,\n   Developer Tools, and Forefront. These bulletins are described in\n   the Microsoft Security Bulletin Summary for October 2009. \n\n\nII. \n\n\nIII. Solution\n\n   Apply updates from Microsoft\n   \n   Microsoft has provided updates for these vulnerabilities in the\n   Microsoft Security Bulletin Summary for October 2009. The security\n   bulletin describes any known issues related to the updates. \n   Administrators are encouraged to note these issues and test for any\n   potentially adverse effects. Administrators should consider using\n   an automated update distribution system such as Windows Server\n   Update Services (WSUS). \n\n\nIV. References\n\n * Microsoft Security Bulletin Summary for October 2009 -\n   \u003chttp://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx\u003e\n\n * Microsoft Windows Server Update Services -\n   \u003chttp://technet.microsoft.com/en-us/wsus/default.aspx\u003e\n\n ____________________________________________________________________\n\n   The most recent version of this document can be found at:\n\n     \u003chttp://www.us-cert.gov/cas/techalerts/TA09-286A.html\u003e\n ____________________________________________________________________\n\n   Feedback can be directed to US-CERT Technical Staff. Please send\n   email to \u003ccert@cert.org\u003e with \"TA09-286A Feedback VU#788021\" in\n   the subject. \n ____________________________________________________________________\n\n   For instructions on subscribing to or unsubscribing from this\n   mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n   Produced 2009 by US-CERT, a government organization. 
\n\n   Terms of use:\n\n     \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n  \n  October 13, 2009: Initial release\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-3023"
      },
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002072"
      },
      {
        "db": "BID",
        "id": "36189"
      },
      {
        "db": "PACKETSTORM",
        "id": "80892"
      },
      {
        "db": "PACKETSTORM",
        "id": "81977"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#276653",
        "trust": 3.6
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3023",
        "trust": 2.7
      },
      {
        "db": "BID",
        "id": "36189",
        "trust": 2.7
      },
      {
        "db": "EXPLOIT-DB",
        "id": "9541",
        "trust": 2.5
      },
      {
        "db": "USCERT",
        "id": "TA09-286A",
        "trust": 2.5
      },
      {
        "db": "EXPLOIT-DB",
        "id": "9559",
        "trust": 1.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-2481",
        "trust": 1.6
      },
      {
        "db": "SECUNIA",
        "id": "36443",
        "trust": 1.1
      },
      {
        "db": "USCERT",
        "id": "SA09-286A",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002072",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200908-498",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "80892",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "81977",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "BID",
        "id": "36189"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002072"
      },
      {
        "db": "PACKETSTORM",
        "id": "80892"
      },
      {
        "db": "PACKETSTORM",
        "id": "81977"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200908-498"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3023"
      }
    ]
  },
  "id": "VAR-200908-0339",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 1.0
  },
  "last_update_date": "2024-11-23T20:30:30.634000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "975191",
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/security/advisory/975191.mspx"
      },
      {
        "title": "MS09-053",
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/security/bulletin/MS09-053.mspx"
      },
      {
        "title": "975191",
        "trust": 0.8,
        "url": "http://www.microsoft.com/japan/technet/security/advisory/975191.mspx"
      },
      {
        "title": "MS09-053",
        "trust": 0.8,
        "url": "http://www.microsoft.com/japan/technet/security/bulletin/ms09-053.mspx"
      },
      {
        "title": "MS09-053e",
        "trust": 0.8,
        "url": "http://www.microsoft.com/japan/security/bulletins/MS09-053e.mspx"
      },
      {
        "title": "TA09-286A",
        "trust": 0.8,
        "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta09-286a.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002072"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-120",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002072"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3023"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://www.kb.cert.org/vuls/id/276653"
      },
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/36189"
      },
      {
        "trust": 2.4,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-286a.html"
      },
      {
        "trust": 1.6,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6080"
      },
      {
        "trust": 1.6,
        "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-053"
      },
      {
        "trust": 1.6,
        "url": "http://www.exploit-db.com/exploits/9559"
      },
      {
        "trust": 1.6,
        "url": "http://www.vupen.com/english/advisories/2009/2481"
      },
      {
        "trust": 1.6,
        "url": "http://www.exploit-db.com/exploits/9541"
      },
      {
        "trust": 1.1,
        "url": "http://www.microsoft.com/technet/security/advisory/975191.mspx"
      },
      {
        "trust": 1.0,
        "url": "http://support.microsoft.com/default.aspx?scid=kb%3b%5bln%5d%3bq975191"
      },
      {
        "trust": 0.9,
        "url": "http://milw0rm.com/exploits/9541"
      },
      {
        "trust": 0.8,
        "url": "http://blog.g-sec.lu/2009/09/iis-5-iis-6-ftp-vulnerability.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3023"
      },
      {
        "trust": 0.8,
        "url": "http://www.ipa.go.jp/security/ciadr/vul/20091014-ms09-053.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta09-286a/"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu276653/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/tr/jvntr-2009-23/"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3023"
      },
      {
        "trust": 0.8,
        "url": "http://secunia.com/advisories/36443"
      },
      {
        "trust": 0.8,
        "url": "http://isc.sans.org/diary.html?storyid=7039"
      },
      {
        "trust": 0.8,
        "url": "http://www.us-cert.gov/cas/alerts/sa09-286a.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.cyberpolice.go.jp/#topics"
      },
      {
        "trust": 0.6,
        "url": "http://support.microsoft.com/default.aspx?scid=kb;[ln];q975191"
      },
      {
        "trust": 0.3,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-08/att-0444/isowarez.pdf"
      },
      {
        "trust": 0.3,
        "url": "http://www.offensive-security.com/blog/vulndev/microsoft-iis-ftp-5-0-remote-system-exploit/"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com/windowsserver2003/iis/default.mspx"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.technet.com/msrc/archive/2009/09/01/microsoft-security-advisory-975191-released.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.technet.com/msrc/archive/2009/09/03/microsoft-security-advisory-975191-revised.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.technet.com/srd/archive/2009/09/01/new-vulnerability-in-iis5-and-iis6.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0016.html"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/506297"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms09-053.mspx"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36443/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-286a.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/signup.html\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://technet.microsoft.com/en-us/wsus/default.aspx\u003e"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "BID",
        "id": "36189"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002072"
      },
      {
        "db": "PACKETSTORM",
        "id": "80892"
      },
      {
        "db": "PACKETSTORM",
        "id": "81977"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200908-498"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3023"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "BID",
        "id": "36189"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002072"
      },
      {
        "db": "PACKETSTORM",
        "id": "80892"
      },
      {
        "db": "PACKETSTORM",
        "id": "81977"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200908-498"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3023"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-08-31T00:00:00",
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "date": "2009-08-31T00:00:00",
        "db": "BID",
        "id": "36189"
      },
      {
        "date": "2009-10-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002072"
      },
      {
        "date": "2009-09-01T07:26:38",
        "db": "PACKETSTORM",
        "id": "80892"
      },
      {
        "date": "2009-10-14T18:32:45",
        "db": "PACKETSTORM",
        "id": "81977"
      },
      {
        "date": "2009-08-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200908-498"
      },
      {
        "date": "2009-08-31T20:30:01.077000",
        "db": "NVD",
        "id": "CVE-2009-3023"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-09-02T00:00:00",
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "date": "2010-10-07T08:51:00",
        "db": "BID",
        "id": "36189"
      },
      {
        "date": "2009-10-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002072"
      },
      {
        "date": "2021-08-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200908-498"
      },
      {
        "date": "2024-11-21T01:06:19.957000",
        "db": "NVD",
        "id": "CVE-2009-3023"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200908-498"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Microsoft Internet Information Server (IIS) FTP server NLST stack buffer overflow",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200908-498"
      }
    ],
    "trust": 0.6
  }
}

