This script is Copyright (C) 2010-2011 Tenable Network Security, Inc.
The remote FTP server has a cross-site request forgery vulnerability.
The version of FTP running on the remote host has a cross-site
request forgery vulnerability. Long file names are not processed
properly, resulting in the execution of arbitrary commands.
If a user is logged into the FTP server via web browser, a remote
attacker could exploit this by tricking them into requesting a
maliciously crafted web page, resulting in the execution of arbitrary
See also :
There is no known solution at this time.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.1
Public Exploit Available : true
Nessus Plugin ID: 47040 ()
Bugtraq ID: 40320