PT-2010-1239 · Python · Pyftpdlib

Published 2010-10-19 · Updated 2022-05-01 · CVE-2007-6741

CVSS v2.0: 6.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

pyftpdlib versions prior to 0.2.0

Description

The issue concerns the FTP PORT function in FTPServer.py, which under certain conditions does not properly restrict TCP connections to privileged ports. This could allow remote authenticated users to conduct FTP bounce attacks via crafted FTP data. An example of such an attack is one against a NAT server.

Recommendations

For versions prior to 0.2.0, update to version 0.2.0 or later to resolve the issue.
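
The kind of check a server needs before opening the data connection a PORT command asks for, as an added example that is not pyftpdlib's code. The function and parameter names are hypothetical, the addresses are constructed, and the peer-address comparison goes beyond the privileged-port case described above (it is the usual companion check against FTP bounce).

```python
import ipaddress


class PortRejected(ValueError):
    """The PORT argument must be refused (the server would reply 501)."""


def parse_port_argument(arg):
    """Parse 'h1,h2,h3,h4,p1,p2' from a PORT command into (ip, port)."""
    fields = arg.strip().split(",")
    if len(fields) != 6 or not all(f.isascii() and f.isdigit() for f in fields):
        raise PortRejected("malformed PORT argument")
    nums = [int(f) for f in fields]
    if any(n > 255 for n in nums):
        raise PortRejected("field out of range")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]
    return ip, port


def check_port_target(arg, peer_ip, permit_privileged=False, permit_foreign=False):
    """Return (ip, port) only if the server may connect there.

    peer_ip is the address of the client on the control connection.
    Both permit_* switches are hypothetical opt-outs and default to closed.
    """
    ip, port = parse_port_argument(arg)
    # Ports below 1024 are privileged: refuse them so the server cannot be
    # used to reach well-known services on behalf of the client.
    if port < 1024 and not permit_privileged:
        raise PortRejected("privileged port %d refused" % port)
    # Generalisation: the data connection must go back to the same host
    # that issued the command, never to a third party.
    if ip != ipaddress.IPv4Address(peer_ip) and not permit_foreign:
        raise PortRejected("foreign address %s refused" % ip)
    return str(ip), port


if __name__ == "__main__":
    peer = "203.0.113.10"  # constructed control-connection peer
    for arg in ("203,0,113,10,195,80", "203,0,113,10,0,22", "192,168,0,5,195,80"):
        try:
            print(arg, "->", check_port_target(arg, peer))
        except PortRejected as exc:
            print(arg, "-> rejected:", exc)
```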

Fix

Improper Privilege Management


Weakness Enumeration

Related Identifiers

CVE-2007-6741
GHSA-8XGX-75QW-6268
PYSEC-2010-25

Affected Products

Pyftpdlib