CVE-1999-1544
CVSS 2.0 Score 5.0 of 10 (medium)
Details
Published Jan 24, 1999
Updated: Nov 20, 2024
Summary
CVE-1999-1544 denotes a buffer overflow vulnerability in the FTP server of Microsoft IIS 3.0 and 4.0. This issue can lead to a denial of service condition when an attacker sends a prolonged NLST (ls) command. The server fails to handle the excessive input, resulting in memory corruption and eventual crashing. Local attackers can exploit this flaw easily, while remote attacks may require additional authentication or access. This vulnerability poses a significant risk to systems running the affected IIS versions and necessitates immediate patching.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Microsoft IIS
Affected Vendors
- Microsoft