NETFile FTP/Web Server FTP Bounce Attack

medium Nessus Plugin ID 18295

Synopsis

The remote FTP server is prone to a denial of service attack.

Description

The NETFile FTP/Web server on the remote host is vulnerable to a denial of service attack due to its support of the FXP protocol and its failure to validate the IP address supplied in a PORT command.

Additionally, this issue can be leveraged to bypass firewall rules to connect to arbitrary hosts.

Solution

Upgrade to NETFile FTP/Web Server 7.6.0 or later and disable FXP support.

See Also

http://www.security.org.sg/vuln/netfileftp746port.html

Plugin Details

Severity: Medium

ID: 18295

File Name: netfile_ftpd_746.nasl

Version: 1.21

Type: remote

Family: FTP

Published: 5/18/2005

Updated: 7/16/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.1

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:fastream:netfile_ftp_web_server

Required KB Items: ftp/login, ftp/password

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 5/17/2005

Reference Information

CVE: CVE-2005-1646

BID: 13653