VULHUB ™

NcFTPd does not confirm that destination PORT addresses belong to correct user IPs, allowing anyone to transmit data from the server anywhere, anonymously. Denial of Service attacks and spoofed sessions can result. Fix included.

NcFTPd does not confirm that destination PORT addresses belong to correct user IPs, allowing anyone to transmit data from the server anywhere, anonymously. Denial of Service attacks and spoofed sessions can result. Fix included.