Microsoft IIS FTPd Globbing Functionality Remote Denial of Service Vulnerability

Microsoft IIS FTPd Globbing Functionality Remote Denial of Service Vulnerability

Microsoft has reported limited in-the-wild exploitation of this issue.

The following example command is available:

ls "-R p*/../"

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.