362 matches found
CVE-2002-0538
CVE-2002-0538 concerns the FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0, which rewrites FTP PORT responses to enable remote attackers to redirect FTP data connections to arbitrary ports. This is described as a variant of the FTP bounce vulnerability. The connected documents corr...
IPSwitch WS_FTP ftp bounce attack
No description provided...
IPSwitch, Inc. WS_FTP Server
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Product: IPSwitch, Inc. WSFTP Server Versions: v3.13 dated 2002.08.07, possibly others. Severity: Medium-Hot Author: low halo [email protected] Date: October 25th, 2002 Revision: 1.0 Overview WSFTP v3.13 by IPSwitch, Inc., is vulnerable to the...
CVE-2002-0538
FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability...
CVE-2002-0222
Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites aka FTP bounce via the PORT command...
CVE-2002-0222
Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites aka FTP bounce via the PORT command...
CVE-2002-0222
The CVE-2002-0222 entry concerns Etype Eserv 2.97, where the PORT command enables an FTP bounce attack. An attacker can redirect data connections to arbitrary hosts, potentially affecting confidentiality, integrity, and availability. The NVD notes a network-accessible, low-complexity exploit with...
Raptor Firewall FTP Bounce vulnerability
Raptor Firewall FTP Bounce vulnerability Summary: The Raptor Firewall can make an FTP server behind it vulnerable to the well-known FTP bounce vulnerability even if the FTP server used is not susceptible to this issue. Overview: While performing a penetration test for a customer, we discovered th...
CVE-2002-0139
Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites aka FTP bounce via the PORT command...
Vulnerabilities in EServ 2.97
There are a couple of vulnerabilities in EServ 2.97. Vulnerability 1 The FTP server doesn't close the sockets that are allocated from using the PASV command. After all ports from 1024 to 5000 are listening after running a lot of PASV commands in a row no users can use passive mode anymore until t...
Релеинг соединений в SpoonFTP (ftp bounce attack)
При установке Ftp-data соединения не проверяются привелигерованные порты и IP адрес назначения...
Bounce vulnerability in SpoonFTP 1.1.0.1
The vulnerability: The FTP server is vulnerable to the FTP bounce attack, even against ports lower than 1024. Vendor Response: Pi-Soft have created a new version that among other things fix this vulnerability. Their response was very nice and quick. /Arne Vidstrom, http://ntsecurity.nu...
CVE-2000-0813
Technical details about CVE-2000-0813 are not publicly provided in the connected documents you supplied. The materials do not specify affected products/versions beyond Check Point VPN-1/FireWall-1 4.1 and earlier, nor concrete remediation steps. Monitor for updates.
CVE-2000-0813
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers "FTP Bounce" via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass."...
CVE-2000-0813
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers "FTP Bounce" via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass."...
CVE-1999-0017
CVE-1999-0017 is a documented FTP bounce vulnerability where an FTP server can be abused to connect to arbitrary ports on an attacker-controlled host by exploiting the PORT/PORT-like mechanisms. The core issue is that an FTP server’s data connection handling allows bounce traffic to other hosts (...
solaris-2.7-finger-bounce.txt
Date: Sat, 26 Dec 1998 20:08:38 -0500 From: spoon To: [email protected] Subject: lame old finger bounce bug still exists in sparc 2.7 Hi, while beating on solaris today i found this... Yeah and finger is still enabled in inetd.conf by default in solaris 2.7. suprised this still exists... shrug...
FTP Privileged Port Bounce Scan
It is possible to force the remote FTP server to connect to third parties using the PORT command. The problem allows intruders to use your network resources to scan other hosts, making them think the attack comes from your network. TRUSTED...
CVE-1999-0017
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce...
PT-1997-1005 · Ibm +8 · Aix +10
Name of the Vulnerable Software and Affected Versions: FTP servers affected versions not specified Description: The issue allows an attacker to connect to arbitrary ports on machines other than the FTP client. This is also known as FTP bounce. Recommendations: At the moment, there is no informati...