[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

FTP command injection vulnerability in Microsoft Internet Information Services

ID: oval:org.secpod.oval:def:7909Date: (C)2012-11-16   (M)2022-10-10
Class: VULNERABILITYFamily: windows




The host is installed with Microsoft Internet Information Services 7.0 or 7.5 and is prone to command injection vulnerability. A flaw is present in Internet Information Services (IIS), which fails to properly handle specially crafted FTP commands. Successful exploitation could allow information disclosure if an attacker sends specially crafted FTP commands to the server.

Platform:
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product:
Microsoft Internet Information Services 7.0
Microsoft Internet Information Services 7.5
Reference:
CVE-2012-2532
CVE    1
CVE-2012-2532
CPE    20
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_server_2008:::x64
cpe:/o:microsoft:windows_server_2008:::x86
cpe:/o:microsoft:windows_7::sp1:x64
...

© SecPod Technologies