Summary
his host is missing important security update according to Microsoft Bulletin MS02-018.
Impact
Successful exploitation will allows remote users to crash the application leading to denial of service condition or execute arbitrary code.
Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link.
http://technet.microsoft.com/en-us/security/bulletin/ms02-018
Insight
Error in the handling of FTP session status requests. If a remote attacker with an existing FTP session sends a malformed FTP session status request, an access violation error could occur that would cause the termination of FTP and Web services on the affected server.
Affected
Microsoft Internet Information Services version 4.0, 5.0 and 5.1
References
- http://marc.info/?l=bugtraq&m=101901273810598&w=2
- http://technet.microsoft.com/en-us/security/bulletin/ms02-018
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020415-ms02-018
- http://www.cert.org/advisories/CA-2002-09.html
- http://xforce.iss.net/xforce/xfdb/8801
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2002-0073 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Microsoft SharePoint Privilege Elevation Vulnerabilities (2028554)
- Microsoft JScript and VBScript Scripting Engines Information Disclosure Vulnerability (2475792)
- Microsoft Windows DNS Server Denial of Service Vulnerability (2647170)
- Microsoft IIS Malformed File Extension Denial of Service Vulnerability
- Microsoft Graphics Component Information Disclosure Vulnerability (3013126)