The remote FTP server permits anonymous users to create arbitrary files and/or folders. There is a risk to operating an anonymous FTP service that permits users to store files. We strongly recommend that sites do not automatically create a "drop off" directory unless thought has been given to the possible risks of having such a service.
World-writable directories in anonymous FTP services are often used to store and distribute warez (stolen copyrighted software) or other illicit data.


If you are not using this service, it is recommended to disable it. Otherwise deny FTP anonymous write access.
Consult references for detailed information about fixing this vulnerability.


Related Vulnerabilities