Ubuntu
linux-ftpd package

FTP server uses predictable port numbers for PASV connections

Asked by Douglas Otto on 2011-11-21

Our Rapid 7 scanner has detected a vulnerability on a newly installed Ubuntu v11.10 server running vsFTPd 2.3.2.

It says "FTP server used ports 51156, 51157, 51158, 51159, 51160, which is a predictable sequence."

Does anyone know about this vulnerability and how to fix it?

Question information

Language:: English Edit question

Status:: Answered

For:: Ubuntu linux-ftpd Edit question

Assignee:: No assignee Edit question

Last query:: 2011-11-21

Last reply:: 2011-11-21

Revision history for this message

actionparsnip (andrew-woodhead666) said on 2011-11-21:

#1

I suggest you report a vulnerability bug.

Can you help with this problem?

Provide an answer of your own, or ask Douglas Otto for more information if necessary.

To post a message you must log in.

Ask a question

Edit question

Subscribers