Thursday, July 14, 2011

[Metasploit] Microsoft IIS FTP Server <= 7.0 LIST Stack Exhaustion Denial of Service

# Exploit Title: [MS09-053] Microsoft IIS FTP Server <= 7.0 Stack Exhaustion DoS
# Version: 5.0 - 7.0
# Tested on: unpatched version of windows xp, 2k3, & Vista Enterprise

http://dev.metasploit.com/redmine/attachments/1427/iis567_ftpd_stackexhaust.rb

This module triggers Denial of Service condition in the Microsoft
Internet Information Services (IIS) FTP Server 5.0 through 7.0 via a
list (ls) -R command containing a wildcard. For this exploit to work
in most cases, you need 1) a valid ftp account: either read-only or
write-access account 2) the "FTP Publishing" service must be
configured as "manual" mode in startup type 3) there must be at least
one directory under FTP root directory. If your provided FTP account
has write-access privilege and there is no single directory, a new
directory with random name will be created prior to sending exploit
payload.

---------------------------------
Best regards,
YGN Ethical Hacker Group
Yangon, Myanmar
http://yehg.net
Our Lab | http://yehg.net/lab
Our Directory | http://yehg.net/hwd