CVE-2009-3023

Summary

CVE	CVE-2009-3023
State	PUBLISHED
Assigner	mitre
Source Priority	CVE Program / NVD first with legacy fallback
Published	2009-08-31 20:30:01 UTC
Updated	2026-04-23 00:35:47 UTC
Description	Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."

Risk And Classification

Primary CVSS: v2.0 9 from [email protected]

AV:N/AC:L/Au:S/C:C/I:C/A:C

Problem Types: CWE-120 | n/a

CVSS v2.0 Breakdown

Access Vector

Network

Access Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Microsoft	Internet Information Server	All	All	All	All
Operating System	Microsoft	Windows 2000	-	sp4	All	All
Operating System	Microsoft	Windows Server 2003	-	sp2	All	All
Operating System	Microsoft	Windows Server 2003	-	sp2	All	All
Operating System	Microsoft	Windows Server 2008	-	All	All	All
Operating System	Microsoft	Windows Server 2008	-	All	All	All
Operating System	Microsoft	Windows Server 2008	-	All	All	All
Operating System	Microsoft	Windows Server 2008	-	sp2	All	All
Operating System	Microsoft	Windows Server 2008	-	sp2	All	All
Operating System	Microsoft	Windows Server 2008	-	sp2	All	All
Operating System	Microsoft	Windows Vista	-	All	All	All
Operating System	Microsoft	Windows Vista	-	All	All	All
Operating System	Microsoft	Windows Vista	-	sp1	All	All
Operating System	Microsoft	Windows Vista	-	sp1	All	All
Operating System	Microsoft	Windows Vista	-	sp2	All	All
Operating System	Microsoft	Windows Vista	-	sp2	All	All
Operating System	Microsoft	Windows Xp	-	sp2	All	All
Operating System	Microsoft	Windows Xp	-	sp2	All	All
Operating System	Microsoft	Windows Xp	-	sp3	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

References

Reference	Source	Link	Tags
US-CERT Vulnerability Note VU#276653	af854a3a-2127-422b-91ae-364da2661108	www.kb.cert.org	Third Party Advisory, US Government Resource
Microsoft IIS 5.0/6.0 FTP Server Remote Stack Overflow Exploit (win2k)	af854a3a-2127-422b-91ae-364da2661108	www.exploit-db.com	Exploit, Third Party Advisory, VDB Entry
US-CERT Technical Cyber Security Alert TA09-286A -- Microsoft Updates for Multiple Vulnerabilities	af854a3a-2127-422b-91ae-364da2661108	www.us-cert.gov	Third Party Advisory, US Government Resource
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com	Third Party Advisory
Repository / Oval Repository	af854a3a-2127-422b-91ae-364da2661108	oval.cisecurity.org	Third Party Advisory
Microsoft Security Bulletin MS09-053 - Important \| Microsoft Docs	af854a3a-2127-422b-91ae-364da2661108	docs.microsoft.com	Patch, Vendor Advisory
Microsoft IIS FTPd NLST Remote Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com	Exploit, Third Party Advisory, VDB Entry
Microsoft IIS 5.0 FTP Server Remote Stack Overflow Exploit (win2k sp4)	af854a3a-2127-422b-91ae-364da2661108	www.exploit-db.com	Exploit, Third Party Advisory, VDB Entry
Microsoft Security Advisory: Vulnerability in Internet Information Services FTP Service could allow for remote code execution	af854a3a-2127-422b-91ae-364da2661108	support.microsoft.com
Microsoft Security Advisory: Vulnerability in Internet Information Services FTP Service could allow for remote code execution	MITRE	support.microsoft.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.