论坛: 黑客进阶 标题: 用X-scan扫描我的服务器发现FTP漏洞该如何解决?请高手帮忙,感谢! 复制本贴地址    
作者: 爱我_就来 [wrbwrbwrb]    论坛用户   登录
[NetDemon] 认为这个问题不宜在本版讨论,贴子已被转移到<< 菜鸟乐园>>

========原贴内容如下:========

Ftp PASV on connect crashes the FTP server

The remote FTP server dies and dump core when it is
issued a PASV command as soon as the client connects.
The FTP server is very likely to write a world readable core file
which contains portions of the passwd file. This allows local users
to obtain the shadowed passwd file.

Risk factor : High.

Solution : Upgrade your FTP server to a newer version or disable it
CVE_ID : CVE-1999-0075
NESSUS_ID : 10086


地主 发表时间: 06-10-08 14:20

论坛: 黑客进阶

20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon

粤ICP备05087286号