As the topic is learning to the knowledge of the network security, has found a serious loophole, FTP to black in what should I do? This is my own a drone, natural pollution-free,



Ftp PASV crashes on connect to the Ftp server

Description English:
The remote FTP server dies and dump The core The when it is
Issued a PASV command as soon as the client connects.
The FTP server is very likely to write a world readable core file
Which contains portions of the passwd file. This allows local users
To obtain the Shadowed the passwd file.

Risk factors: High.

Solution: Upgrade your FTP server to a newer version or disable it
CVE_ID: CVE - 1999-0075
NESSUS_ID: 10086


Product description:
Connect Ftp PASV make Ftp server crashes

When the remote FTP server crashes, it will dump the kernel

Immediately after the client connection PASV command,

The FTP server will probably write a global core file to read

It includes part of the passwd file, this allows the local user

Get the shadow password file,



Risk factors: high,



Solution: upgrade to the FTP server to the new version or disable it

Company code: CVE - 1999-0075

NESSUS_ number: 10086

CodePudding user response:

Details of the need to find the loopholes,,,

CodePudding user response:

reference 1st floor aabbabababaa response:

details of the need to find the loopholes,,,

Just don't know how to do the below ~

CodePudding user response:

If it's a drone, will always give you teaching method, or you put a drone do ~