Credit: Kingcope
Kingcope’s latest vulnerability was a stack overflow in the IIS FTP server. It was posted on the Full-Disclosure mailing list and was accompanied by working exploit code. The vulnerability was stopped by the stack cookie on IIS6, but it was easily exploitable on older versions.