| Short Name | FTP:MS-FTP:STAT-GLOB |
|---|---|
| Severity | Minor |
| Recommended | No |
| Category | FTP |
| Keywords | Microsoft FTP Service STAT Globbing Denial of Service |
| Release Date | 2003/04/25 |
| Update Number | 1213 |
| Supported Platforms | di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |

This signature detects denial-of-service (DoS) attempts against Microsoft FTP Service in Microsoft IIS 4.0 and 5.0. Attackers who have previously established an FTP session can send glob characters within a maliciously crafted status request to crash the server.

A vulnerability has been identified in the way Microsoft Internet Information Server's FTP service handles certain requests for transfer status. The condition is present when a request for the FTP transfer status is made via the STAT command. A client issuing this command with a large number of file globbing characters as the argument may cause the service to crash. On IIS 4.0 servers, the service must be manually restarted. On IIS 5.0 and 5.1 servers, the service will restart itself automatically. A number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves.
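
The check described above can be sketched as follows. This is an added example, not the vendor's signature logic: it scans FTP control-channel lines for STAT requests whose argument carries many wildcard characters and records whether the session had already logged in. The event tuple format, the wildcard set and the threshold of 16 are assumptions.

```python
GLOB_CHARS = frozenset("*?[]{}")  # wildcard characters counted (assumed set)
MAX_GLOB_CHARS = 16               # assumed threshold; tune against real traffic


def find_stat_glob_alerts(events, max_globs=MAX_GLOB_CHARS):
    """Flag STAT requests whose argument holds more than max_globs wildcards.

    events: iterable of (session_id, direction, line) from the FTP control
    channel; direction is "C" (client to server) or "S" (server to client).
    """
    established = set()  # sessions in which the server has replied 230
    alerts = []
    for session_id, direction, line in events:
        line = line.rstrip("\r\n")
        if direction == "S":
            if line.startswith("230 "):  # final line of a login-success reply
                established.add(session_id)
            continue
        verb, _, arg = line.partition(" ")
        if verb.upper() != "STAT":  # FTP command verbs are case-insensitive
            continue
        globs = sum(ch in GLOB_CHARS for ch in arg)
        if globs > max_globs:
            alerts.append({
                "session": session_id,
                "glob_chars": globs,
                "arg_length": len(arg),
                "established": session_id in established,
            })
    return alerts


# Constructed sample traffic (not captured from a real server).
SAMPLE_EVENTS = [
    ("s1", "S", "220 FTP service ready\r\n"),
    ("s1", "C", "USER anonymous\r\n"),
    ("s1", "S", "331 Password required\r\n"),
    ("s1", "C", "PASS guest@example.com\r\n"),
    ("s1", "S", "230 User logged in\r\n"),
    ("s1", "C", "STAT *.txt\r\n"),              # ordinary use: one wildcard
    ("s1", "C", "STAT " + "*?" * 40 + "\r\n"),  # 80 wildcards after login
    ("s2", "C", "stat " + "?" * 20 + "\r\n"),   # lowercase verb, before login
]

if __name__ == "__main__":
    for alert in find_stat_glob_alerts(SAMPLE_EVENTS):
        print(alert)
```

The `established` field is kept for triage rather than used as a filter, so a wildcard-heavy STAT sent before login is still reported.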