IIS 5.0 FTP Server / Remote SYSTEM exploit

vendor:

Internet Information Services (IIS)

by:

Kingcope

7.5

CVSS

HIGH

Remote Code Execution

119

CWE

Product Name: Internet Information Services (IIS)

Affected Version From: IIS 5.0 FTP Server

Affected Version To: IIS 5.0 FTP Server

Patch Exists: NO

Related CWE:

CPE: a:microsoft:iis:5.0

Metasploit:

Other Scripts:

Platforms Tested: Windows 2000 SP4

Unknown

IIS 5.0 FTP Server / Remote SYSTEM exploit

This exploit targets IIS 5.0 FTP Server on Windows 2000 SP4. It allows an attacker to execute arbitrary code with SYSTEM privileges. The exploit has been modified by adding an additional egghunter for a secondary larger payload. It opens a bind shell on port 4444.

Mitigation:

Apply the latest security patches and updates for IIS 5.0 FTP Server.

Source

IIS 5.0 FTP Server / Remote SYSTEM exploit

Mitigation:

Exploit-DB raw data: