CVE-1999-0017

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

Referenced by CVEs: CVE-2006-6947, CVE-2007-2150, CVE-2007-6741
Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published1997-12-10 12:00:00.000-05
Last Modified2008-09-09 08:33:32.000-04

Vulnerable Software List

VendorProductVersions
Freebsd Freebsd 1.0, 1.1, 1.2, 2.0, 2.1.0, 2.1.7
Caldera Openlinux 1.2
Netbsd Netbsd 1.0, 1.1, 1.2, 1.2.1
Ibm Aix 3.2, 4.1, 4.2, 4.3
Sun Sunos 4.1.3u1, 4.1.4, 5.3, 5.4, 5.4::x86, 5.5, 5.5.1, 5.5.1::x86, 5.5::x86
Gnu Inet 5.01, 6.01, 6.02
Washington University Wu-ftpd 2.4
Siemens Reliant Unix
Sco Open Desktop 3.0
Sco Openserver 5.0.4
Sco Unixware 2.1

References

This CVE contains no reference information.