FTP Service IP Address Verification Bypass Vulnerability

FTP Service IP Address Verification Bypass Vulnerability

CVE-2005-0315 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning.

Learn more about our Cis Benchmark Audit For Server Software.