plugging old IIS FTP holes

From: Douglas Schlenker (Douglas.Schlenker_at_RoyalRoads.ca)
Date: 07/19/03

    To: focus-ms@securityfocus.com
    Date: Fri, 18 Jul 2003 16:02:17 -0700
    
    

    Hi there,

    I just finished running a Nessus scan against a new server I'm bringing up.
    One of the "high" risk factor warnings I received was this:

    It may be possible to make the remote FTP server crash
    by sending the command 'STAT *?AAA...AAA.
    An attacker may use this flaw to prevent your site from distributing files
    *** Warning : we could not verify this vulnerability.
    *** Nessus solely relied on the banner of this server
    Solution : Apply the relevant hotfix from Microsoft
    See:http://www.microsoft.com/technet/security/bulletin/ms02-018.asp

    I went to Microsoft's website and downloaded the appropriate patch. When I
    went to install it, the installation failed because the patch will not
    install on a server that has a newer Service Pack than SP2.

    Any ideas how I can fix this hole without applying the patch? (Or, is there
    an alternate patch for SP3 users?)

    Sincerely,

    Douglas Schlenker
