| VID |
16003 |
| Severity |
30 |
| Port |
21 |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
It is possible to force the FTP server to connect to third parties hosts, by using the PORT command.
This problem allows intruders to use your network resources to scan other hosts, making them think the attack comes from your
network, or it can even allow them to go through your firewall.
* References:
http://www.cert.org/advisories/CA-1997-27.html
http://www.iss.net/security_center/static/892.php
http://www.ciac.org/ciac/bulletins/I-018a.shtml |
| Recommendation |
Upgrade to the latest version of your FTP server, or use another FTP server. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
