ID

VAR-199712-0008


CVE

CVE-1999-0017


TITLE

FTP Security hole

Trust: 0.6

sources: CNNVD: CNNVD-199712-006

DESCRIPTION

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. This problem is a design issue with the common implementation of the FTP protocol. In essence, the vulnerability is as follows: when a user connects to a host over FTP to retrieve files, the connection is two-way (i.e. when you log in and request a file, the server then opens a connection back to your host of origin to deliver your requested data). Most FTP servers support what is called 'active mode', which allows users to specify a number of parameters to the FTP daemon. One of these is the PORT command, which lets you specify *where* you would like the return data connection to be sent. Therefore, instead of opening a connection back to yourself to drop off your requested files or data, the server can be made to open that connection to another host. This is true with both retrieving and putting data. Attackers can exploit this in some instances to circumvent access control, export restrictions, etc. There is a vulnerability in the FTP server

Trust: 1.26

sources: NVD: CVE-1999-0017 // BID: 126 // VULHUB: VHN-17

AFFECTED PRODUCTS

vendor: sun | model: sunos | scope: eq | version: 4.1.4 | Trust: 1.9
vendor: sun | model: sunos | scope: eq | version: 4.1.3u1 | Trust: 1.6
vendor: sun | model: sunos | scope: eq | version: 5.3 | Trust: 1.6
vendor: sun | model: sunos | scope: eq | version: 5.5.1 | Trust: 1.6
vendor: sun | model: sunos | scope: eq | version: 5.5 | Trust: 1.6
vendor: sun | model: sunos | scope: eq | version: 5.4 | Trust: 1.6
vendor: sco | model: unixware | scope: eq | version: 2.1 | Trust: 1.3
vendor: sco | model: open desktop | scope: eq | version: 3.0 | Trust: 1.3
vendor: netbsd | model: netbsd | scope: eq | version: 1.2 | Trust: 1.3
vendor: netbsd | model: netbsd | scope: eq | version: 1.1 | Trust: 1.3
vendor: netbsd | model: netbsd | scope: eq | version: 1.0 | Trust: 1.3
vendor: ibm | model: aix | scope: eq | version: 4.3 | Trust: 1.3
vendor: ibm | model: aix | scope: eq | version: 4.2 | Trust: 1.3
vendor: ibm | model: aix | scope: eq | version: 4.1 | Trust: 1.3
vendor: ibm | model: aix | scope: eq | version: 3.2 | Trust: 1.3
vendor: freebsd | model: freebsd | scope: eq | version: 2.0 | Trust: 1.3
vendor: gnu | model: inet | scope: eq | version: 6.01 | Trust: 1.0
vendor: freebsd | model: freebsd | scope: eq | version: 1.0 | Trust: 1.0
vendor: siemens | model: reliant unix | scope: eq | version: * | Trust: 1.0
vendor: freebsd | model: freebsd | scope: eq | version: 2.1.0 | Trust: 1.0
vendor: caldera | model: openlinux | scope: eq | version: 1.2 | Trust: 1.0
vendor: freebsd | model: freebsd | scope: eq | version: 2.1.7 | Trust: 1.0
vendor: sco | model: openserver | scope: eq | version: 5.0.4 | Trust: 1.0
vendor: freebsd | model: freebsd | scope: eq | version: 1.2 | Trust: 1.0
vendor: gnu | model: inet | scope: eq | version: 5.01 | Trust: 1.0
vendor: washington university | model: wu-ftpd | scope: eq | version: 2.4 | Trust: 1.0
vendor: netbsd | model: netbsd | scope: eq | version: 1.2.1 | Trust: 1.0
vendor: gnu | model: inet | scope: eq | version: 6.02 | Trust: 1.0
vendor: freebsd | model: freebsd | scope: eq | version: 1.1 | Trust: 1.0
vendor: washington | model: university wu-ftpd academ[beta1-15] | scope: eq | version: 2.4.2 | Trust: 0.3
vendor: sun | model: solaris x86 | scope: eq | version: 2.5.1 | Trust: 0.3
vendor: sun | model: solaris | scope: eq | version: 2.5.1 | Trust: 0.3
vendor: sun | model: solaris 2.6 x86 | scope: - | version: - | Trust: 0.3
vendor: sun | model: solaris | scope: eq | version: 2.6 | Trust: 0.3
vendor: sun | model: solaris 2.5 x86 | scope: - | version: - | Trust: 0.3
vendor: sun | model: solaris | scope: eq | version: 2.5 | Trust: 0.3
vendor: sgi | model: irix m | scope: eq | version: 6.5.5 | Trust: 0.3
vendor: sgi | model: irix f | scope: eq | version: 6.5.5 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.5.5 | Trust: 0.3
vendor: sgi | model: irix m | scope: eq | version: 6.5.4 | Trust: 0.3
vendor: sgi | model: irix f | scope: eq | version: 6.5.4 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.5.4 | Trust: 0.3
vendor: sgi | model: irix m | scope: eq | version: 6.5.3 | Trust: 0.3
vendor: sgi | model: irix f | scope: eq | version: 6.5.3 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.5.3 | Trust: 0.3
vendor: sgi | model: irix m | scope: eq | version: 6.5.2 | Trust: 0.3
vendor: sgi | model: irix f | scope: eq | version: 6.5.2 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.5.2 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.5.1 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.5 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.4 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.3 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.2 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.1 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.0.1 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 6.0 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 5.3 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 5.2 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 5.1.1 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 5.1 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 5.0.1 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 5.0 | Trust: 0.3
vendor: sgi | model: irix h | scope: eq | version: 4.0.5 | Trust: 0.3
vendor: sgi | model: irix g | scope: eq | version: 4.0.5 | Trust: 0.3
vendor: sgi | model: irix f | scope: eq | version: 4.0.5 | Trust: 0.3
vendor: sgi | model: irix e | scope: eq | version: 4.0.5 | Trust: 0.3
vendor: sgi | model: irix d | scope: eq | version: 4.0.5 | Trust: 0.3
vendor: sgi | model: irix a | scope: eq | version: 4.0.5 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 4.0.5 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 4.0.4 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 4.0.3 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 4.0.2 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 4.0.1 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 4.0 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 3.3.3 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 3.3.2 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 3.3.1 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 3.3 | Trust: 0.3
vendor: sgi | model: irix | scope: eq | version: 3.2 | Trust: 0.3
vendor: sco | model: open server | scope: eq | version: 5.0 | Trust: 0.3
vendor: rhino | model: software serv-u | scope: eq | version: 4.1 | Trust: 0.3
vendor: rhino | model: software serv-u | scope: eq | version: 4.0.0.4 | Trust: 0.3
vendor: rhino | model: software serv-u | scope: eq | version: 3.1 | Trust: 0.3
vendor: rhino | model: software serv-u | scope: eq | version: 3.0 | Trust: 0.3
vendor: mad | model: goat software mgftp | scope: eq | version: 2.2 | Trust: 0.3
vendor: ibm | model: aix | scope: eq | version: 4.2.1 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 10.24 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 11.0 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 10.20 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 10.16 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 10.10 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 9.9 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 9.8 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 9.7 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 9.6 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 9.5 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 9.4 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 9.3 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 9.1 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 9.0 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 7.8 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 7.6 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 7.4 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 7.2 | Trust: 0.3
vendor: hp | model: hp-ux | scope: eq | version: 7.0 | Trust: 0.3
vendor: freebsd | model: freebsd | scope: eq | version: 2.1.7.1 | Trust: 0.3
vendor: freebsd | model: freebsd | scope: eq | version: 2.1.6 | Trust: 0.3
vendor: freebsd | model: freebsd | scope: eq | version: 2.1.5 | Trust: 0.3
vendor: freebsd | model: freebsd | scope: eq | version: 2.1 | Trust: 0.3
vendor: freebsd | model: freebsd | scope: eq | version: 2.0.5 | Trust: 0.3
vendor: freebsd | model: freebsd | scope: eq | version: 1.1.5.1 | Trust: 0.3
vendor: digital | model: unix d | scope: eq | version: 4.0 | Trust: 0.3
vendor: digital | model: unix c | scope: eq | version: 4.0 | Trust: 0.3
vendor: digital | model: unix b | scope: eq | version: 4.0 | Trust: 0.3
vendor: digital | model: unix a | scope: eq | version: 4.0 | Trust: 0.3
vendor: digital | model: unix | scope: eq | version: 4.0 | Trust: 0.3
vendor: digital | model: unix g | scope: eq | version: 3.2 | Trust: 0.3

sources: BID: 126 // CNNVD: CNNVD-199712-006 // NVD: CVE-1999-0017

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-0017
value: HIGH

Trust: 1.0

CNNVD: CNNVD-199712-006
value: HIGH

Trust: 0.6

VULHUB: VHN-17
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-1999-0017
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-17
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-17 // CNNVD: CNNVD-199712-006 // NVD: CVE-1999-0017

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-0017

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199712-006

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-199712-006

EXTERNAL IDS

db: NVD | id: CVE-1999-0017 | Trust: 2.0
db: CNNVD | id: CNNVD-199712-006 | Trust: 0.7
db: BID | id: 126 | Trust: 0.4
db: VULHUB | id: VHN-17 | Trust: 0.1

sources: VULHUB: VHN-17 // BID: 126 // CNNVD: CNNVD-199712-006 // NVD: CVE-1999-0017

REFERENCES

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/cve-1999-0017

Trust: 1.7

url:ftp://ftp.cert.org/pub/tech_tips/ftp_port_attacks

Trust: 0.3

url:ftp://ftp.avian.org/random/ftp-attack

Trust: 0.3

url:http://www.cert.org/advisories/ca-1997-27.html

Trust: 0.3

url: -

Trust: 0.1

sources: VULHUB: VHN-17 // BID: 126 // CNNVD: CNNVD-199712-006 // NVD: CVE-1999-0017

CREDITS

This problem was initially posted to the Bugtraq mailing list by *Hobbit* (hobbit@avian.org) on July 12, 1995.

Trust: 0.9

sources: BID: 126 // CNNVD: CNNVD-199712-006

SOURCES

db: VULHUB | id: VHN-17
db: BID | id: 126
db: CNNVD | id: CNNVD-199712-006
db: NVD | id: CVE-1999-0017

LAST UPDATE DATE

2024-08-14T13:40:55.235000+00:00


SOURCES UPDATE DATE

db: VULHUB | id: VHN-17 | date: 2008-09-09T00:00:00
db: BID | id: 126 | date: 2007-12-18T20:05:00
db: CNNVD | id: CNNVD-199712-006 | date: 2022-08-18T00:00:00
db: NVD | id: CVE-1999-0017 | date: 2022-08-17T07:15:08.243

SOURCES RELEASE DATE

db: VULHUB | id: VHN-17 | date: 1997-12-10T00:00:00
db: BID | id: 126 | date: 1995-07-12T00:00:00
db: CNNVD | id: CNNVD-199712-006 | date: 1997-12-10T00:00:00
db: NVD | id: CVE-1999-0017 | date: 1997-12-10T05:00:00