CVE-1999-0017

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 10, 1997
Updated: Nov 20, 2024

Summary

CVE-1999-0017 is a vulnerability affecting FTP servers that allows an attacker to connect to arbitrary ports on machines other than the FTP client, a process known as FTP bouncing. This issue arises due to the FTP protocol's lack of security measures limiting the destination ports for data connections. An attacker can exploit this vulnerability to gain unauthorized access to systems and potentially launch further attacks, posing a significant risk to network security. To mitigate this threat, administrators should update their FTP servers to the latest versions and configure them to restrict data connections to specific, trusted ports.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • SunOS
  • FreeBSD
  • IBM AIX
  • NetBSD

Affected Vendors

  • IBM Corporation
  • Oracle Corp
  • Netbsd
  • FreeBSD Project