FTP PASV port denial of service attack

Risk Level: Medium

Check or Attack Name: FTP PASV Denial of Service

Platforms: FTP

Description:

Many FTP server packages contain a vulnerability that lets an attacker request PASV (passive) connections endlessly, each of which holds a port on the server. Eventually this depletes all the ports on the system, denying legitimate traffic to the machine.
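The allocation behaviour behind this description, modelled as an added Python example (not code from wu-ftpd, the Windows NT FTP service, or any other server named on this page): the unpatched session keeps every data-port listener it has ever bound, so a single client that keeps sending PASV drains the passive range, while the patched session holds at most one pending listener and gives the port back when a newer PASV supersedes it, when it sits idle past a timeout, or when the session ends. The ten-port range, the 30-second idle timeout and the reply strings are assumed values chosen for the illustration.

```python
from typing import Optional

# Assumed, deliberately tiny passive range so exhaustion is visible in a few calls.
PASV_LOW, PASV_HIGH = 50000, 50009


class PortPool:
    """Tracks which ports in the configured passive range are bound to a listener."""

    def __init__(self, low: int = PASV_LOW, high: int = PASV_HIGH) -> None:
        self.low, self.high = low, high
        self.in_use: set[int] = set()

    def acquire(self) -> Optional[int]:
        """Bind the lowest free port, or return None when the range is exhausted."""
        for port in range(self.low, self.high + 1):
            if port not in self.in_use:
                self.in_use.add(port)
                return port
        return None

    def release(self, port: int) -> None:
        self.in_use.discard(port)

    def free(self) -> int:
        return (self.high - self.low + 1) - len(self.in_use)


def pasv_reply(port: int) -> str:
    """RFC 959 style 227 reply: host and port as six comma-separated decimal bytes."""
    return f"227 Entering Passive Mode (127,0,0,1,{port >> 8},{port & 0xFF})."


class VulnerableSession:
    """Unpatched behaviour: every PASV binds a new listener and never reclaims the old one."""

    def __init__(self, pool: PortPool) -> None:
        self.pool = pool
        self.listeners: list[int] = []  # grows without bound for the life of the process

    def pasv(self, now: float = 0.0) -> str:
        port = self.pool.acquire()
        if port is None:
            return "425 Can't open data connection."
        self.listeners.append(port)
        return pasv_reply(port)

    def quit(self) -> None:
        pass  # control connection closes, but the leaked listeners stay bound


class HardenedSession:
    """Patched behaviour: one pending listener per session, released when a newer PASV
    supersedes it, when it idles past the timeout, or when the session ends."""

    def __init__(self, pool: PortPool, idle_timeout: float = 30.0) -> None:
        self.pool = pool
        self.idle_timeout = idle_timeout
        self.pending: Optional[int] = None
        self.pending_since = 0.0

    def _drop_pending(self) -> None:
        if self.pending is not None:
            self.pool.release(self.pending)
            self.pending = None

    def pasv(self, now: float = 0.0) -> str:
        self._drop_pending()  # a new PASV replaces the previous listener
        port = self.pool.acquire()
        if port is None:
            return "425 Can't open data connection."
        self.pending, self.pending_since = port, now
        return pasv_reply(port)

    def reap_idle(self, now: float) -> bool:
        """Close a listener that no client connected to within the timeout."""
        if self.pending is not None and now - self.pending_since >= self.idle_timeout:
            self._drop_pending()
            return True
        return False

    def quit(self) -> None:
        self._drop_pending()  # session teardown frees the port


def flood(session_cls, requests: int) -> tuple[int, str]:
    """Send `requests` PASV commands from one session; report (free ports left, last reply)."""
    pool = PortPool()
    session = session_cls(pool)
    reply = ""
    for i in range(requests):
        reply = session.pasv(now=float(i))
    return pool.free(), reply


if __name__ == "__main__":
    print("unpatched:", flood(VulnerableSession, 11))  # range drained, 425 on the 11th request
    print("patched:  ", flood(HardenedSession, 11))    # nine ports still free, 227 every time
```

The per-session cap is what makes the repeated-PASV pattern harmless; the idle reaper and the release on QUIT cover the clients that request a passive port and then never connect to it.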

Remedy:

Update your FTP server.

Wu-FTP: The latest version of wu-ftp is available from ftp://ftp.academ.com/pub/wu-ftpd/ or at http://ftp.academ.com/academ/wu-ftpd/release.html.

Windows NT: Apply the latest Windows NT 4.0 Service Pack, or the ftp-fix patch:

  1. Open a web browser.
  2. Go to http://support.microsoft.com/support/ntserver/Content/ServicePacks and follow the directions to download the appropriate service pack for your computer.
  3. Find the installation program you downloaded to your computer.
  4. Double-click the program icon to start the installation.
  5. Follow the installation directions.

—OR—

Download and apply the ftp-fix patch from ftp://ftp.microsoft.com/bussys/iis/iis-public/fixes/usa/security/ftp-fix/.

References:

Microsoft Knowledge Base Article Q189262, FTP Passive Mode May Terminate Session, http://support.microsoft.com/support/kb/articles/q189/2/62.asp
