CVE-1999-0349

Description

A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.

Affected products

• Microsoft / internet_information_server3.0 – 3.0
• Microsoft / internet_information_server4.0 – 4.0

References

• VENDOR_ADVISORYhttp://www.eeye.com/html/Research/Advisories/IIS%20Remote%20FTP%20Exploit/DoS%20Attack.html
• MISChttp://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ188348
• MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-003