This script is Copyright (C) 2001-2011 Tenable Network Security, Inc.
The remote FTP server is susceptible to an account enumeration attack.
It is possible to determine the existence of a user on the remote
system by issuing the command CWD ~<username>, even before logging in.
An attacker can exploit this flaw to determine the existence of known
There is no known solution at this time.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 5.0
Public Exploit Available : true
Nessus Plugin ID: 10653 (ftp_sol_check_user.nasl)
Bugtraq ID: 2564