CVE-2017-15269
MEDIUMPSFTPd 10.0.4 Build 729 - FTP Bounce Scan Vulnerability
Title source: llmDescription
The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans by default. These can be performed using "nmap -b" and allow performing scans via the FTP server.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/144972/PSFTPd-Windows-FTP-Server-10.0.4-Build-729-Use-After-Free-Log-Injection.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/541518/100/0/threaded
Third Party Advisory x_refsource_misc
https://www.x41-dsec.de/lab/advisories/x41-2017-006-psftpd/
Scores
CVSS v3
4.3
EPSS
0.0150
EPSS Percentile
70.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-610
Status
published
Products (1)
psftp/psftpd
10.0.4
Published
Nov 15, 2017
Tracked Since
Feb 18, 2026