=====================================================================
CERT-Renater Information Note No. 2011/VULN093
_____________________________________________________________________

DATE                 : 09/02/2011
HARDWARE PLATFORM(S) : /
OPERATING SYSTEM(S)  : Systems running Windows Vista, Windows 7, Windows Server 2008 running FTP Service.
======================================================================

KB2489256
http://www.microsoft.com/technet/security/Bulletin/MS11-004.mspx
______________________________________________________________________

Microsoft Security Bulletin MS11-004 - Important
Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)

Published: February 08, 2011
Version: 1.0

General Information

Executive Summary

This security update resolves a publicly disclosed vulnerability in Microsoft Internet Information Services (IIS) FTP Service. The vulnerability could allow remote code execution if an FTP server receives a specially crafted FTP command. FTP Service is not installed by default on IIS.

This security update is rated Important for Microsoft FTP Service 7.0 for IIS 7.0 and Microsoft FTP Service 7.5 for IIS 7.0 when installed on all supported editions of Windows Vista and Windows Server 2008, and for Microsoft FTP Service 7.5 for Internet Information Services 7.5 on all supported editions of Windows 7 and Windows Server 2008 R2. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses the vulnerability by modifying the way that the IIS FTP Service handles specially crafted FTP commands. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
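As an added triage example (not part of the CERT-Renater note or the Microsoft bulletin), the following PowerShell checks a local host against the facts above: whether it runs one of the affected platforms, whether the FTP Service is installed at all (it is not installed by default), and whether update KB2489256 is present. It assumes the Microsoft FTP Service is registered as the Windows service named 'ftpsvc'.

```powershell
# Added example, not from the advisory or bulletin: local exposure triage for MS11-004.
# Assumption: the Microsoft FTP Service runs as the Windows service 'ftpsvc'.
# Written for PowerShell 2.0 so it runs on Vista / Server 2008 era hosts.

function Test-MS11004Exposure {
    # NT version prefixes of the platforms named in the advisory:
    # 6.0 = Windows Vista / Windows Server 2008, 6.1 = Windows 7 / Windows Server 2008 R2
    $os = Get-WmiObject -Class Win32_OperatingSystem
    $affectedPlatform = ($os.Version -match '^6\.(0|1)\.')

    # FTP Service is optional on IIS; a host without it is not exposed to this issue.
    $ftp = Get-Service -Name 'ftpsvc' -ErrorAction SilentlyContinue
    $ftpInstalled = ($ftp -ne $null)
    if ($ftpInstalled) { $ftpState = [string]$ftp.Status } else { $ftpState = 'not installed' }

    # The fix ships as KB2489256; Get-HotFix writes a non-terminating error when it is absent.
    $fix = Get-HotFix -Id 'KB2489256' -ErrorAction SilentlyContinue
    $patched = ($fix -ne $null)

    New-Object PSObject -Property @{
        ComputerName     = $os.CSName
        OSVersion        = $os.Version
        AffectedPlatform = $affectedPlatform
        FtpServiceFound  = $ftpInstalled
        FtpServiceState  = $ftpState
        KB2489256Present = $patched
        # Exposed only when all three conditions line up: affected OS, FTP Service present, update missing.
        Exposed          = ($affectedPlatform -and $ftpInstalled -and (-not $patched))
    }
}

Test-MS11004Exposure | Format-List
```

Run it in an elevated session; Get-HotFix relies on WMI and may miss updates applied through non-standard channels, so treat a "not present" result as a prompt to verify, not as proof the host is unpatched.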
Affected Software

  Windows Vista Service Pack 1 and Windows Vista Service Pack 2
  Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
  Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
  Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
  Windows 7 for 32-bit Systems
  Windows 7 for x64-based Systems
  Windows Server 2008 R2 for x64-based Systems
  Windows Server 2008 R2 for Itanium-based Systems

Vulnerability Information

IIS FTP Service Heap Buffer Overrun Vulnerability - CVE-2010-3972

A vulnerability exists in the FTP Service in Microsoft Internet Information Services (IIS) 7.0 and Microsoft Internet Information Services (IIS) 7.5. The vulnerability could allow remote code execution.

======================================================================

=========================================================
CERT-Renater reference servers
http://www.urec.fr/securite
http://www.cru.fr/securite
http://www.renater.fr
=========================================================
+ CERT-RENATER            | tel : 01-53-94-20-44          +
+ 23 - 25 Rue Daviel      | fax : 01-53-94-20-41          +
+ 75013 Paris             | email: certsvp@renater.fr     +
=========================================================