It creates two directories on this server, via the MKD command. The exploit contains shell code which is tailored for Windows 2000 and uses an anonymous FTP log-in to connect to the server under attack. First reports by independent security experts have confirmed that it is functional. The source code of the exploit was published as a PDF file. No patch for the vulnerability is available so far.
According to its author, 'Kingcope', the vulnerability affects the FTP service of Microsoft's Internet Information Services 5 server suite, and apparently even affects version 6, which has 'Stack Cookie Protection'. An exploit which allegedly enables attackers to obtain system privileges on a Microsoft server via its FTP service has appeared on the Full Disclosure mailing list.