Summary
his host is missing important security update according to Microsoft Bulletin MS02-018.
Impact
Successful exploitation will allows remote users to crash the application leading to denial of service condition or execute arbitrary code.
Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link.
http://technet.microsoft.com/en-us/security/bulletin/ms02-018
Insight
Error in the handling of FTP session status requests. If a remote attacker with an existing FTP session sends a malformed FTP session status request, an access violation error could occur that would cause the termination of FTP and Web services on the affected server.
Affected
Microsoft Internet Information Services version 4.0, 5.0 and 5.1
References
- http://marc.info/?l=bugtraq&m=101901273810598&w=2
- http://technet.microsoft.com/en-us/security/bulletin/ms02-018
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020415-ms02-018
- http://www.cert.org/advisories/CA-2002-09.html
- http://xforce.iss.net/xforce/xfdb/8801
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2002-0073 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Microsoft .NET Framework Chart Control Information Disclosure Vulnerability (2567943)
- Microsoft Security Bulletin MS06-056
- Microsoft Active Directory Federation Services Information Disclosure Vulnerability (2873872)
- Microsoft SharePoint Multiple Privilege Elevation Vulnerabilities (2695502)
- Microsoft Office Security Feature Bypass Vulnerability (3033857)