MS.IIS.FTP.NLST.DoS

description-logoDescription

This indicates an attack attempt to exploit a DoS vulnerability in Microsoft windows IIS server.
The Microsoft IIS FTP service crashes due to stack exhaustion when handling crafted NLST command. Remote attackers could exploit this to cause denial of service on the IIS server.

affected-products-logoAffected Products

Microsoft Internet Information Services 5.0
Microsoft Internet Information Services 5.1
Microsoft Internet Information Services 6.0
Microsoft Internet Information Services 7.0

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply the suggested workaround from Microsoft.
http://www.microsoft.com/technet/security/advisory/975191.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-01-10 14.521 Sig Added