FtpXQ FTP Server < 3.0.2 Multiple Vulnerabilities
Critical Nessus Network Monitor Plugin ID 3799
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote FtpXQ FTP server vulnerable to multiple flaws. Versions 3.01 and lower are vulnerable to a buffer overflow that results in a Denial of Service (DoS) attack. In addition, versions 3.01 and lower ship with two default accounts that are enabled. These accounts are:
An attacker exploiting the 'test' default account would have read/write capability on the remote FTP server.
SolutionUpgrade to version 3.0.2 or higher.