Assessing an IIS FTP 7.5 Unauthenticated Denial of Service Vulnerability
Wednesday, December 22, 2010
There has been some discussion around a publicly posted PoC code that exploits a vulnerability in IIS FTP 7.5, which ships with Windows 7 and Windows Server 2008 R2. Our engineering team is looking into the situation and has made a few preliminary observations that might clear up some confusion. We’ve observed three notable characteristics.