CVE-1999-0349
Internet Information Server - Buffer Overflow via FTP List Command
Title source: llmDescription
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
References (3)
Core 3
Core References
Various Sources third-party-advisory
x_refsource_eeye
http://www.eeye.com/html/Research/Advisories/IIS%20Remote%20FTP%20Exploit/DoS%20Attack.html
Vendor Advisory vendor-advisory
x_refsource_mskb
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ188348
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-003
Scores
EPSS
0.1792
EPSS Percentile
96.8%
Details
CWE
CWE-119
Status
published
Products (2)
microsoft/internet_information_server
3.0
microsoft/internet_information_server
4.0
Published
Jan 27, 1999
Tracked Since
Feb 18, 2026