Check Point Advisories

Security Best Practice: Protect Yourself from FTP Bounce Attacks

Check Point Reference: SBP-2006-23
Date Published: 16 Jul 2006
Severity: Critical
Last Updated: Sunday 01 January, 2006
Source: SmartDefense Research Center
Industry Reference: CVE-2002-0222, CVE-2002-0139
Protection Provided by:
Who is Vulnerable? FTP servers
Vulnerability Description: As defined by the FTP protocol, the PORT command has the originating machine specify an arbitrary destination machine and port for the data connection. However, this behavior also means that an attacker can use it to open a connection to a specific port on a machine that may not be the originating client. Making this connection to an arbitrary machine for unauthorized purposes is the "FTP Bounce" attack.
Vulnerability Details
Examples of known FTP Bounce attacks:

CVE-2002-0222 - Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites via the PORT command.

CVE-2002-0139 - Pi-Soft SpoonFTP 1.1 allows remote attackers to redirect traffic to other sites via the PORT command.
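
The following is an added example, not part of the Check Point advisory or of any product named in it: a server-side check that parses the PORT argument (six decimal bytes, h1,h2,h3,h4,p1,p2) and refuses a data connection to any address other than the control connection's peer or to a port below 1024. The function names, the policy defaults and the sample addresses are assumptions made for illustration.

```python
import ipaddress
import re

# PORT argument layout: h1,h2,h3,h4,p1,p2 (six decimal byte values).
_PORT_ARG = re.compile(r"[0-9]{1,3}(?:,[0-9]{1,3}){5}")


def parse_port_arg(arg):
    """Return (IPv4Address, port) for a PORT argument, or None if malformed."""
    arg = arg.strip()
    if _PORT_ARG.fullmatch(arg) is None:
        return None
    octets = [int(x) for x in arg.split(",")]
    if any(o > 255 for o in octets):
        return None
    host = ipaddress.IPv4Address(".".join(str(o) for o in octets[:4]))
    return host, octets[4] * 256 + octets[5]


def check_port_command(line, control_peer_ip, min_port=1024):
    """Decide whether the server should honour one control-channel line.

    Returns (allowed, reason). Policy assumed by this example: the data
    connection may only go back to the control connection's peer, and
    never to a port below min_port.
    """
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() != "PORT":
        return True, "not a PORT command"
    parsed = parse_port_arg(arg)
    if parsed is None:
        return False, "malformed PORT argument"
    host, port = parsed
    if host != ipaddress.IPv4Address(control_peer_ip):
        return False, f"target {host} is not the control peer {control_peer_ip}"
    if port < min_port:
        return False, f"target port {port} is below {min_port}"
    return True, f"data connection to {host}:{port}"


if __name__ == "__main__":
    # Constructed sample lines; the client's control connection is from 192.0.2.10.
    for sample in ("PORT 192,0,2,10,195,80", "PORT 198,51,100,7,0,25",
                   "PORT 192,0,2,10,0,22", "PORT 192,0,2,10,999,1"):
        print(sample, "->", check_port_command(sample, "192.0.2.10"))
```

A server that must support legitimate third-party (server-to-server) transfers cannot apply the same-address rule unconditionally and would need an explicit allow-list instead.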

Protection Overview
