"CroiX" <[EMAIL PROTECTED]> writes: > Question: (quick version): Is Rhinosoft's Serv-U 4.1 truly vulnerable to > an FTP_bounce attack as suggested by Nessus v. 2.0.7, or am I seeing a > false positive?
nmap supports FTP bounce scan. You could check with it. nmap -b rhino_ip another_target_ip > When this option is unchecked FXP transfers are not possible. But the server answered 200 (OK) to the PORT request... > their scan just detects that you are running something on port 21 > so they assume you are vulnerable. No. Unlike some of its competitors, Nessus really tests the flaw. > I would guess that the script is faulty. Maybe it is. I suggest that you run the script (if you use the standalone NASL interpretor, you'll have to edit it to set "login" and "pass") and sniff the traffic. Ethereal is excellent at this. If you use tcpdump, increase the snap length (1500 on ethernet).
