This script is Copyright (C) 2011 Tenable Network Security, Inc.
The remote FTP server contains a backdoor allowing execution of
The version of vsftpd running on the remote host has been compiled
with a backdoor. Attempting to login with a username containing :)
(a smiley face) triggers the backdoor, which results in a shell
listening on TCP port 6200. The shell stops listening after a client
connects to and disconnects from it.
An unauthenticated, remote attacker could exploit this to execute
arbitrary code as root.
See also :
Validate and recompile a legitimate copy of the source code.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true
Nessus Plugin ID: 55523 ()
Bugtraq ID: 48539