FTP Privileged Port Bounce Scan

This script is Copyright (C) 1999-2016 Tenable Network Security, Inc.

Synopsis :

The remote FTP server is vulnerable to a FTP server bounce attack.

Description :

It is possible to force the remote FTP server to connect to third
parties using the PORT command.

The problem allows intruders to use your network resources to scan
other hosts, making them think the attack comes from your network.

See also :


Solution :

See the CERT advisory in the references for solutions and workarounds.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 7.1
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 10081 (ftp_bounce.nasl)

Bugtraq ID: 126

CVE ID: CVE-1999-0017

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now