FTP Privileged Port Bounce Scan

High Nessus Plugin ID 10081


The remote FTP server is vulnerable to an FTP server bounce attack.


It is possible to force the remote FTP server to connect to third parties using the PORT command.

This allows intruders to use your network resources to scan other hosts, making those hosts think the attack comes from your network.


See the CERT advisory in the references for solutions and workarounds.
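The following is an added example, not code from the plugin or from the CERT advisory: a server-side check on PORT arguments that refuses the two conditions this finding describes, a data connection to an address other than the control-connection peer and a data connection to a privileged port. The function names, the `min_port` threshold of 1024 and the sample session (documentation address ranges) are assumptions made for illustration.

```python
import ipaddress

def parse_port_arg(arg):
    """Parse an RFC 959 PORT argument 'h1,h2,h3,h4,p1,p2' into (ip, port)."""
    parts = arg.strip().split(",")
    if len(parts) != 6 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("malformed PORT argument")
    nums = [int(p) for p in parts]
    if any(n > 255 for n in nums):
        raise ValueError("PORT field out of range")
    return ipaddress.IPv4Address(bytes(nums[:4])), nums[4] * 256 + nums[5]

def check_port_command(arg, control_peer_ip, min_port=1024):
    """Return (allowed, reason) for a PORT request received from control_peer_ip."""
    try:
        ip, port = parse_port_arg(arg)
    except ValueError as exc:
        return False, str(exc)
    # The data connection must go back to the host that opened the control connection.
    if ip != ipaddress.IPv4Address(control_peer_ip):
        return False, f"third-party address {ip}"
    # Ports below min_port (assumed 1024) host well-known services; refuse them.
    if port < min_port:
        return False, f"privileged port {port}"
    return True, "ok"

# Constructed sample session: (control-connection peer, PORT argument).
SAMPLE = [
    ("192.0.2.10", "192,0,2,10,195,80"),   # own address, port 50000
    ("192.0.2.10", "198,51,100,7,0,22"),   # different host
    ("192.0.2.10", "192,0,2,10,0,25"),     # own address, port 25
    ("192.0.2.10", "192,0,2,10,300,1"),    # field larger than one octet
]

def refused(session):
    """Return (peer, argument, reason) for every PORT request that is refused."""
    out = []
    for peer, arg in session:
        allowed, reason = check_port_command(arg, peer)
        if not allowed:
            out.append((peer, arg, reason))
    return out

if __name__ == "__main__":
    for peer, arg, reason in refused(SAMPLE):
        print(f"REFUSE PORT {arg} from {peer}: {reason}")
```

A server that refuses these requests would typically answer with a 5xx reply instead of opening the data connection; logging each refusal gives operators a record of attempted misuse.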


Plugin Details

Severity: High

ID: 10081

File Name: ftp_bounce.nasl

Version: $Revision: 1.43 $

Type: remote

Family: FTP

Published: 1999/06/22

Modified: 2016/09/26

Dependencies: 10092, 10079, 18367

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

Required KB Items: ftp/login

Excluded KB Items: ftp/ncftpd

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1995/07/12

Reference Information

CVE: CVE-1999-0017

BID: 126

OSVDB: 71, 87439, 88560, 88561, 88562, 88563, 88564, 88565, 88566, 88567, 88568, 88569, 88570, 88571, 88572

CERT-CC: CA-1997-27