A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
| Software | From | Fixed in |
|---|---|---|
| microsoft / internet_information_server | 3.0 | 3.0.x |
| microsoft / internet_information_server | 4.0 | 4.0.x |