WS FTP Server FTP Bounce Attack And PASV Connection Hijacking Flaw Network Vulnerability

Summary

According to its version number, the remote WS_FTP server is vulnerable to session hijacking during passive connections and to a FTP bounce attack when a user submits a specially crafted FTP command. OVS only checked the version number in the server banner

Solution

Upgrade to the latest version of this software

Severity

Classification

CVE CVE-1999-0017
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

EFTP installation directory disclosure
WS FTP STAT buffer overflow0
httpdx 'MKD' Command Directory Traversal Vulnerability
Trellian FTP 'PASV' Response Buffer Overflow Vulnerability
FTPDMIN 'RNFR' Command Buffer Overflow Vulnerability

WS FTP server FTP bounce attack and PASV connection hijacking flaw

Take action and discover your vulnerabilities