|
Family: FTP --> Category: attack
Ftp PASV on connect crashes the FTP server Vulnerability Scan
Vulnerability Scan Summary Issues a PASV command upon the connection
Detailed Explanation for this Vulnerability Test
The remote FTP server dies and dump core when it is
issued a PASV command as soon as the client connects.
The FTP server is very likely to write a world readable core file
which contains portions of the passwd file. This allows local users
to obtain the shadowed passwd file.
Threat Level: High.
Solution : Upgrade your FTP server to a newer version or disable it
Click HERE for more information and discussions on this network vulnerability scan.
|