Inadequate Hostname Verification in ProFTPD 1.2.2rc2 and Possibly Other Versions

Inadequate Hostname Verification in ProFTPD 1.2.2rc2 and Possibly Other Versions

CVE-2001-1500 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.

Learn more about our Web Application Penetration Testing UK.