US-CERT Current Activity – Microsoft Internet Information Services (IIS) FTP Service Vulnerability
Here are the latest in IIS vulenrability statements:
US-CERT Current Activity
Microsoft Internet Information Services (IIS) FTP Service Vulnerability
Original release date: August 31, 2009 at 4:27 pm Last revised: August 31, 2009 at 4:27 pm
Microsoft Internet Information Services (IIS) FTP Service Vulnerability
US-CERT is aware of a public report of a vulnerability affecting the Microsoft Internet Information Services (IIS) FTP service. This vulnerability may allow a remote attacker to execute arbitrary code.
US-CERT encourages administrators to disable anonymous write access to the FTP server to help mitigate the vulnerability, although a proper impact analysis should be performed prior to taking defensive measures.
US-CERT will provide additional information as it becomes available.
====
This entry is available at
http://www.us-cert.gov/current/index.html#microsoft_internet_information_services_iis1
