PT-2017-13955 · Psftpd · Psftpd

Eric Sesterhenn

Published

2017-11-15

Updated

2019-10-03

CVE-2017-15269

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions PSFTPd version 10.0.4 Build 729

Description The issue allows FTP bounce scans to be performed by default, which can be exploited using commands like "nmap -b". This enables scans to be conducted via the FTP server.

Recommendations For PSFTPd version 10.0.4 Build 729, consider configuring the server to prevent FTP bounce scans as a mitigation measure.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-610

Related Identifiers

CVE-2017-15269

Affected Products

Psftpd

PT-2017-13955 · Psftpd · Psftpd

CVE-2017-15269

Weakness Enumeration

Related Identifiers

Affected Products

References · 5