CVE-1999-1544

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Jan 24, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-1544 denotes a buffer overflow vulnerability in the FTP server of Microsoft IIS 3.0 and 4.0. This issue can lead to a denial of service condition when an attacker sends a prolonged NLST (ls) command. The server fails to handle the excessive input, resulting in memory corruption and eventual crashing. Local attackers can exploit this flaw easily, while remote attacks may require additional authentication or access. This vulnerability poses a significant risk to systems running the affected IIS versions and necessitates immediate patching.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share