This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.
The remote FTP server is affected by a cross-site request forgery
The version of FTP running on the remote host is affected by a
cross-site request forgery vulnerability. Long file names are not
processed properly, resulting in the execution of arbitrary commands.
If a user is logged into the FTP server via web browser, a remote
attacker could exploit this by tricking them into requesting a
maliciously crafted web page, resulting in the execution of arbitrary
See also :
There is no known solution at this time.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.1
Public Exploit Available : true
Nessus Plugin ID: 47040 ()
Bugtraq ID: 40320