var-200909-0359
Vulnerability from variot

Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot), aka "IIS FTP Service DoS Vulnerability."

The Microsoft IIS FTP server contains a stack buffer overflow in the handling of directory names, which may allow a remote attacker to execute arbitrary code on a vulnerable system.

An attacker can exploit this issue to terminate the affected application, denying service to legitimate users.

This issue affects the following:

 * IIS 5.0
 * IIS 5.1
 * IIS 6.0
 * IIS 7.0

NOTE: Microsoft IIS 7.0 with FTP Service 7.5 is not affected by this issue. Other versions may also be affected.

The vulnerability is caused due to an error when processing recursive directory listing requests. This can be exploited to cause a stack overflow and crash the FTP service via a specially crafted request containing wildcard characters (e.g.

Successful exploitation requires that at least one directory is placed under the FTP root.

The vulnerability is confirmed in IIS 5.1 for Windows XP SP3 and in IIS 6.0 for Windows Server 2003, and additionally reported in IIS 5.0 and 7.0.

SOLUTION: Restrict access to trusted users only.

Users of IIS 7.0 can optionally upgrade the FTP service to version 7.5.

Microsoft FTP Service 7.5 for IIS 7.0 (x86): http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b7f5b652-8c5c-447a-88b8-8cfc5c13f571

Microsoft FTP Service 7.5 for IIS 7.0 (x64): http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ffb7c167-279e-48d3-8169-dea85784c4d1

PROVIDED AND/OR DISCOVERED BY: Kingcope

ORIGINAL ADVISORY: Kingcope: http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0040.html

Microsoft: http://www.microsoft.com/technet/security/advisory/975191.mspx


About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.


                National Cyber Alert System

          Technical Cyber Security Alert TA09-286A

Microsoft Updates for Multiple Vulnerabilities

Original release date:
Last revised: --
Source: US-CERT

Systems Affected

 * Microsoft Windows and Windows Server
 * Microsoft Internet Explorer
 * Microsoft Office
 * Microsoft .NET Framework
 * Microsoft Silverlight
 * Microsoft SQL Server
 * Microsoft Developer Tools
 * Microsoft Forefront

Overview

Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server, Internet Explorer, Office, .NET Framework, Silverlight, SQL Server, Developer Tools, and Forefront.

I. Description

Microsoft has released multiple security bulletins for critical vulnerabilities in Microsoft Windows and Windows Server, Internet Explorer, Office, .NET Framework, Silverlight, SQL Server, Developer Tools, and Forefront. These bulletins are described in the Microsoft Security Bulletin Summary for October 2009.

II.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for October 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

IV. References


The most recent version of this document can be found at:

 <http://www.us-cert.gov/cas/techalerts/TA09-286A.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA09-286A Feedback VU#788021" in the subject.



Produced 2009 by US-CERT, a government organization.

Revision History

October 13, 2009: Initial release


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200909-0359",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "microsoft",
        "version": "7.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "microsoft",
        "version": "6.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "microsoft",
        "version": "5.0"
      },
      {
        "model": "iis",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "microsoft",
        "version": "5.1"
      },
      {
        "model": "internet information services",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "7.0"
      },
      {
        "model": "internet information services",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "iis",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "7.5"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "BID",
        "id": "36273"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002073"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200909-069"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-2521"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:microsoft:iis",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002073"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Nikolaos Rangos",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200909-069"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2009-2521",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2009-2521",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 4.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2009-2521",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2009-2521",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#276653",
            "trust": 0.8,
            "value": "20.81"
          },
          {
            "author": "NVD",
            "id": "CVE-2009-2521",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200909-069",
            "trust": 0.6,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002073"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200909-069"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-2521"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot), aka \"IIS FTP Service DoS Vulnerability.\". The Microsoft IIS FTP server contains a stack buffer overflow in the handling of directory names, which may allow a remote attacker to execute arbitrary code on a vulnerable system. \nAn attacker can exploit this issue to terminate the affected application, denying service to legitimate users. \nThis issue affects the following:\nIIS 5.0\nIIS 5.1\nIIS 6.0\nIIS 7.0\nNOTE: Microsoft IIS 7.0 with FTP Service 7.5 is not affected by this issue. Other versions may also be affected. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nThe vulnerability is caused due to an error when processing recursive\ndirectory listing requests. This can be exploited to cause a stack\noverflow and crash the FTP service via a specially crafted request\ncontaining wildcard characters (e.g. \n\nSuccessful exploitation requires that at least one directory is\nplaced under the FTP root. \n\nThe vulnerability is confirmed in IIS 5.1 for Windows XP SP3 and in\nIIS 6.0 for Windows Server 2003, and additionally reported in IIS 5.0\nand 7.0. \n\nSOLUTION:\nRestrict access to trusted users only. \n\nUsers of IIS 7.0 can optionally upgrade the FTP service to version\n7.5. 
\n\nMicrosoft FTP Service 7.5 for IIS 7.0 (x86):\nhttp://www.microsoft.com/downloads/details.aspx?displaylang=en\u0026FamilyID=b7f5b652-8c5c-447a-88b8-8cfc5c13f571\n\nMicrosoft FTP Service 7.5 for IIS 7.0 (x64):\nhttp://www.microsoft.com/downloads/details.aspx?displaylang=en\u0026FamilyID=ffb7c167-279e-48d3-8169-dea85784c4d1\n\nPROVIDED AND/OR DISCOVERED BY:\nKingcope\n\nORIGINAL ADVISORY:\nKingcope:\nhttp://archives.neohapsis.com/archives/fulldisclosure/2009-09/0040.html\n\nMicrosoft:\nhttp://www.microsoft.com/technet/security/advisory/975191.mspx\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. 
\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n                    National Cyber Alert System\n\n              Technical Cyber Security Alert TA09-286A\n\n\nMicrosoft Updates for Multiple Vulnerabilities\n\n   Original release date: \n   Last revised: --\n   Source: US-CERT\n\n\nSystems Affected\n\n     * Microsoft Windows and Windows Server\n     * Microsoft Internet Explorer\n     * Microsoft Office\n     * Microsoft .NET Framework\n     * Microsoft Silverlight\n     * Microsoft SQL Server\n     * Microsoft Developer Tools\n     * Microsoft Forefront\n\n\nOverview\n\n   Microsoft has released updates to address vulnerabilities in\n   Microsoft Windows and Windows Server, Internet Explorer, Office,\n   .NET Framework, Silverlight, SQL Server, Developer Tools, and\n   Forefront. \n\n\nI. Description\n\n   Microsoft has released multiple security bulletins for critical\n   vulnerabilities in Microsoft Windows and Windows Server, Internet\n   Explorer, Office, .NET Framework, Silverlight, SQL Server,\n   Developer Tools, and Forefront. These bulletins are described in\n   the Microsoft Security Bulletin Summary for October 2009. \n\n\nII. \n\n\nIII. Solution\n\n   Apply updates from Microsoft\n   \n   Microsoft has provided updates for these vulnerabilities in the\n   Microsoft Security Bulletin Summary for October 2009. The security\n   bulletin describes any known issues related to the updates. \n   Administrators are encouraged to note these issues and test for any\n   potentially adverse effects. Administrators should consider using\n   an automated update distribution system such as Windows Server\n   Update Services (WSUS). \n\n\nIV. 
References\n\n * Microsoft Security Bulletin Summary for October 2009 -\n   \u003chttp://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx\u003e\n\n * Microsoft Windows Server Update Services -\n   \u003chttp://technet.microsoft.com/en-us/wsus/default.aspx\u003e\n\n ____________________________________________________________________\n\n   The most recent version of this document can be found at:\n\n     \u003chttp://www.us-cert.gov/cas/techalerts/TA09-286A.html\u003e\n ____________________________________________________________________\n\n   Feedback can be directed to US-CERT Technical Staff. Please send\n   email to \u003ccert@cert.org\u003e with \"TA09-286A Feedback VU#788021\" in\n   the subject. \n ____________________________________________________________________\n\n   For instructions on subscribing to or unsubscribing from this\n   mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n   Produced 2009 by US-CERT, a government organization. \n\n   Terms of use:\n\n     \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n  \n  October 13, 2009: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBStTKrtucaIvSvh1ZAQL82wf+PgEKeQvhJ5HQGJ3S0/VzCP7/PzauiWrW\nZm/l1mlzOpp6F81G35xHfnOXJ9pY5/rv5Ez80ME8mQrYi8K0IHiA24mHBXu9vFSk\ncrtGkpGGqvrPRxJbuC+otsy8wtYzAu6fa6np3FF+fGFCvhAuf5kzfEMHR79BNC4A\n04Lz7zJvO+7w+y4mt4lbfc7FJnoPm5kIFu3hQV2KmsnATipYUB8gVVqb6mpkCsbR\naIbgKdyXFWeLiQVPN3bwUt4yE0FnpWT89eZCANdFtOSHVl2ff3cumR9YB1mHDUbQ\n8qomBgx1goC2DlRRcX0EpyJp1+4fLl1pnuHD1Qtt1LTYyZ+sTq566g==\n=sbjN\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-2521"
      },
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002073"
      },
      {
        "db": "BID",
        "id": "36273"
      },
      {
        "db": "PACKETSTORM",
        "id": "80892"
      },
      {
        "db": "PACKETSTORM",
        "id": "81005"
      },
      {
        "db": "PACKETSTORM",
        "id": "81977"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-2521",
        "trust": 2.7
      },
      {
        "db": "USCERT",
        "id": "TA09-286A",
        "trust": 2.5
      },
      {
        "db": "CERT/CC",
        "id": "VU#276653",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "36273",
        "trust": 1.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "9541",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "36594",
        "trust": 0.9
      },
      {
        "db": "USCERT",
        "id": "SA09-286A",
        "trust": 0.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-2542",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002073",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200909-069",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "36443",
        "trust": 0.3
      },
      {
        "db": "PACKETSTORM",
        "id": "80892",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "81005",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "81977",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "BID",
        "id": "36273"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002073"
      },
      {
        "db": "PACKETSTORM",
        "id": "80892"
      },
      {
        "db": "PACKETSTORM",
        "id": "81005"
      },
      {
        "db": "PACKETSTORM",
        "id": "81977"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200909-069"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-2521"
      }
    ]
  },
  "id": "VAR-200909-0359",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 1.0
  },
  "last_update_date": "2024-11-23T20:17:05.385000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "975191",
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/security/advisory/975191.mspx"
      },
      {
        "title": "MS09-053",
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/security/bulletin/MS09-053.mspx"
      },
      {
        "title": "975191",
        "trust": 0.8,
        "url": "http://www.microsoft.com/japan/technet/security/advisory/975191.mspx"
      },
      {
        "title": "MS09-053",
        "trust": 0.8,
        "url": "http://www.microsoft.com/japan/technet/security/bulletin/ms09-053.mspx"
      },
      {
        "title": "MS09-053e",
        "trust": 0.8,
        "url": "http://www.microsoft.com/japan/security/bulletins/MS09-053e.mspx"
      },
      {
        "title": "TA09-286A",
        "trust": 0.8,
        "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta09-286a.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002073"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002073"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-2521"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-286a.html"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0040.html"
      },
      {
        "trust": 1.6,
        "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-053"
      },
      {
        "trust": 1.6,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6508"
      },
      {
        "trust": 1.2,
        "url": "http://www.microsoft.com/technet/security/advisory/975191.mspx"
      },
      {
        "trust": 1.0,
        "url": "http://support.microsoft.com/default.aspx?scid=kb%3b%5bln%5d%3bq975191"
      },
      {
        "trust": 0.9,
        "url": "http://milw0rm.com/exploits/9541"
      },
      {
        "trust": 0.9,
        "url": "http://www.kb.cert.org/vuls/id/276653"
      },
      {
        "trust": 0.8,
        "url": "http://blog.g-sec.lu/2009/09/iis-5-iis-6-ftp-vulnerability.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2521"
      },
      {
        "trust": 0.8,
        "url": "http://www.ipa.go.jp/security/ciadr/vul/20091014-ms09-053.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta09-286a/"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu276653/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/tr/jvntr-2009-23/"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2521"
      },
      {
        "trust": 0.8,
        "url": "http://secunia.com/advisories/36594"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/36273"
      },
      {
        "trust": 0.8,
        "url": "http://www.us-cert.gov/cas/alerts/sa09-286a.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.vupen.com/english/advisories/2009/2542"
      },
      {
        "trust": 0.8,
        "url": "http://www.cyberpolice.go.jp/#topics"
      },
      {
        "trust": 0.6,
        "url": "/archive/1/506256"
      },
      {
        "trust": 0.6,
        "url": "http://support.microsoft.com/default.aspx?scid=kb;[ln];q975191"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com/windowsserver2003/iis/default.mspx"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.technet.com/msrc/archive/2009/09/01/microsoft-security-advisory-975191-released.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.technet.com/msrc/archive/2009/09/03/microsoft-security-advisory-975191-revised.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.technet.com/srd/archive/2009/09/01/new-vulnerability-in-iis5-and-iis6.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms09-053.mspx"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36443/"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/downloads/details.aspx?displaylang=en\u0026familyid=ffb7c167-279e-48d3-8169-dea85784c4d1"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/downloads/details.aspx?displaylang=en\u0026familyid=b7f5b652-8c5c-447a-88b8-8cfc5c13f571"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36594/"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-286a.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/signup.html\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://technet.microsoft.com/en-us/wsus/default.aspx\u003e"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "BID",
        "id": "36273"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002073"
      },
      {
        "db": "PACKETSTORM",
        "id": "80892"
      },
      {
        "db": "PACKETSTORM",
        "id": "81005"
      },
      {
        "db": "PACKETSTORM",
        "id": "81977"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200909-069"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-2521"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "db": "BID",
        "id": "36273"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002073"
      },
      {
        "db": "PACKETSTORM",
        "id": "80892"
      },
      {
        "db": "PACKETSTORM",
        "id": "81005"
      },
      {
        "db": "PACKETSTORM",
        "id": "81977"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200909-069"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-2521"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-08-31T00:00:00",
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "date": "2009-09-03T00:00:00",
        "db": "BID",
        "id": "36273"
      },
      {
        "date": "2009-10-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002073"
      },
      {
        "date": "2009-09-01T07:26:38",
        "db": "PACKETSTORM",
        "id": "80892"
      },
      {
        "date": "2009-09-04T15:24:55",
        "db": "PACKETSTORM",
        "id": "81005"
      },
      {
        "date": "2009-10-14T18:32:45",
        "db": "PACKETSTORM",
        "id": "81977"
      },
      {
        "date": "2009-09-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200909-069"
      },
      {
        "date": "2009-09-04T10:30:01.907000",
        "db": "NVD",
        "id": "CVE-2009-2521"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-09-02T00:00:00",
        "db": "CERT/CC",
        "id": "VU#276653"
      },
      {
        "date": "2009-10-13T20:58:00",
        "db": "BID",
        "id": "36273"
      },
      {
        "date": "2009-10-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002073"
      },
      {
        "date": "2021-08-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200909-069"
      },
      {
        "date": "2024-11-21T01:05:04.427000",
        "db": "NVD",
        "id": "CVE-2009-2521"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200909-069"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Microsoft Internet Information Server (IIS) FTP server NLST stack buffer overflow",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#276653"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200909-069"
      }
    ],
    "trust": 0.6
  }
}

