The host is running tnftpd server and is prone to Cross-Site Request Forgery vulnerability.
Successful exploitation will let the attacker execute arbitrary code to perform CSRF attacks, Web cache poisoning, and other malicious activities. Impact Level: Application/Network
Upgrade to tnftpd version 20080929 or later, ftp://ftp.netbsd.org/pub/NetBSD/misc/tnftp/
The flaw is due to the application truncating an overly long FTP command and improperly interpreting the remainder string as a new FTP command. This can be exploited via unknown vectors, probably involving a crafted 'ftp://' link to a tnftpd server.
NetBSD, tnftpd Version prior to 20080929
- XM Easy Personal FTP Server 'TYPE' Command Remote Denial of Service Vulnerability
- Femitter FTP Server Multiple Directory Traversal Vulnerabilities
- QuickShare File Share FTP Server Directory Traversal Vulnerability
- vsftpd FTP Server 'ls.c' Remote Denial of Service Vulnerability
- FTPD glob (too many *) denial of service