FTP Attack - Successful SITE EXEC Command

High Nessus Network Monitor Plugin ID 6217

Synopsis

An FTP user issued a successful SITE EXEC command.

Description

An FTP user issued a successful SITE EXEC command. The SITE EXEC command is often attempted by remote hackers to run UNIX and Windows commands directly on the FTP server. This PVS rule detects a successful command execution, not an attempt.

Solution

Disable the FTP service or restrict access to it.

Plugin Details

Severity: High

ID: 6217

Family: Generic

Published: 2012/01/06

Modified: 2015/06/01

Dependencies: 1803, 1804

Risk Information

Risk Factor: High