ProFTPD Auth API Multiple Auth Module Authentication Bypass

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.

Synopsis :

It is possible to bypass the authentication scheme of the remote FTP

Description :

The remote host is running ProFTPd. Due to a bug in the way the
remote server is configured and the way it processes the USER and PASS
commands, it is possible to log into the remote system by supplying
invalid credentials.

See also :

Solution :

Upgrade to the latest (CVS) version of this software.

Risk factor :

Medium / CVSS Base Score : 5.1
CVSS Temporal Score : 4.4
Public Exploit Available : false

Family: FTP

Nessus Plugin ID: 25040 ()

Bugtraq ID: 23546

CVE ID: CVE-2007-2165

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial