QUOTE
September 1st, 2009
Microsoft confirms IIS zero-day flaw; Exploit code published
Posted by Ryan Naraine @ 7:48 pm
Microsoft late Tuesday confirmed the publication of exploit code for a serious code execution vulnerability in the File Transfer Protocol (FTP) Service in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0.
A security advisory from Redmond warned that the vulnerability could allow remote code execution on affected systems running the FTP service and connected to the Internet.
“While we have seen detailed exploit code published on the Internet for this vulnerability, we are not currently aware of active attacks that use this exploit code,” a Microsoft spokesman said in an e-mail.
Details:
http://blogs.zdnet.com/security/?p=4170
Microsoft confirms IIS zero-day flaw; Exploit code published
Posted by Ryan Naraine @ 7:48 pm
Microsoft late Tuesday confirmed the publication of exploit code for a serious code execution vulnerability in the File Transfer Protocol (FTP) Service in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0.
A security advisory from Redmond warned that the vulnerability could allow remote code execution on affected systems running the FTP service and connected to the Internet.
“While we have seen detailed exploit code published on the Internet for this vulnerability, we are not currently aware of active attacks that use this exploit code,” a Microsoft spokesman said in an e-mail.
Details:
http://blogs.zdnet.com/security/?p=4170