FTP bounce attack

Risk Level: Medium

Check or Attack Name: ftpbounce

Platforms: FTP

Description:

A vulnerability exists in many FTP implementations regarding the use of the PORT command. An attacker could potentially use this command to connect to sites through the vulnerable host, effectively "bouncing" such connections.

Remedy:

Upgrade to the latest release of your FTP server, which should include fixes for this problem.
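A sketch of the kind of PORT validation a server can apply, added here as an example and not taken from the advisory or from any vendor's code: it refuses a PORT whose address differs from the control connection's peer, or whose port is below 1024 (the restriction suggested in RFC 2577). The function names, reason labels and sample addresses are constructed for illustration.

```python
import ipaddress
import re

# RFC 959 PORT argument: h1,h2,h3,h4,p1,p2 (six decimal octets).
_PORT_RE = re.compile(r"^PORT\s+(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})$",
                      re.IGNORECASE)


def parse_port(line):
    """Return (IPv4Address, port) for a PORT command line, or None if malformed."""
    m = _PORT_RE.match(line.strip())
    if not m:
        return None
    octets = [int(x) for x in m.groups()]
    if any(o > 255 for o in octets):
        return None
    host = ipaddress.IPv4Address(".".join(str(o) for o in octets[:4]))
    port = octets[4] * 256 + octets[5]
    return host, port


def check_port_command(line, control_peer):
    """Decide whether the server should honour a PORT command.

    control_peer is the client address of the control connection
    (assumed to be available from the accepted socket).
    Returns (allowed, reason).
    """
    parsed = parse_port(line)
    if parsed is None:
        return False, "syntax"
    host, port = parsed
    # Data connections may only go back to the host that issued the command.
    if host != ipaddress.IPv4Address(control_peer):
        return False, "address-mismatch"
    # Never open data connections to well-known service ports.
    if port < 1024:
        return False, "privileged-port"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample commands; the control connection comes from 192.0.2.10.
    for cmd in ("PORT 192,0,2,10,19,137",
                "PORT 198,51,100,7,0,25",
                "PORT 192,0,2,10,0,25",
                "PORT 192,0,2,10,19"):
        print(cmd, "->", check_port_command(cmd, "192.0.2.10"))
```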

References:

Academ Consulting Services, WU-FTP Server Software Release Information, http://ftp.academ.com/academ/wu-ftpd/release.html

CERT Advisory CA-97.27, FTP Bounce, http://www.cert.org/advisories/CA-97.27.FTP_bounce.html

Hewlett-Packard Security Bulletin HPSBUX9511-028, Security Vulnerability in FTP, http://us-support.external.hp.com/

