Multiple Vendor FTP Bounce Attack Vulnerability

Bugtraq ID:	126
Class:	Design Error
CVE:	CVE-1999-0017
Remote:	Yes
Local:	No
Published:	Jul 12 1995 12:00AM
Updated:	Dec 18 2007 08:05PM
Credit:	This problem was initially posted to the Bugtraq mailing list by Hobbit (hobbit@avian.org) on July12/1995.
Vulnerable:	Washington University wu-ftpd 2.4.2 academ[BETA1-15] + Caldera OpenLinux Standard 1.2 Sun SunOS 4.1.4 Sun Solaris 2.5.1 _x86 Sun Solaris 2.5.1 Sun Solaris 2.6_x86 Sun Solaris 2.6 Sun Solaris 2.5_x86 Sun Solaris 2.5 SGI IRIX 6.5.5 m SGI IRIX 6.5.5 f SGI IRIX 6.5.5 SGI IRIX 6.5.4 m SGI IRIX 6.5.4 f SGI IRIX 6.5.4 SGI IRIX 6.5.3 m SGI IRIX 6.5.3 f SGI IRIX 6.5.3 SGI IRIX 6.5.2 m SGI IRIX 6.5.2 f SGI IRIX 6.5.2 SGI IRIX 6.5.1 SGI IRIX 6.5 SGI IRIX 6.4 SGI IRIX 6.3 SGI IRIX 6.2 SGI IRIX 6.1 SGI IRIX 6.0.1 SGI IRIX 6.0 SGI IRIX 5.3 SGI IRIX 5.2 SGI IRIX 5.1.1 SGI IRIX 5.1 SGI IRIX 5.0.1 SGI IRIX 5.0 SGI IRIX 4.0.5 H SGI IRIX 4.0.5 G SGI IRIX 4.0.5 F SGI IRIX 4.0.5 E SGI IRIX 4.0.5 D SGI IRIX 4.0.5 A SGI IRIX 4.0.5 SGI IRIX 4.0.4 SGI IRIX 4.0.3 SGI IRIX 4.0.2 SGI IRIX 4.0.1 SGI IRIX 4.0 SGI IRIX 3.3.3 SGI IRIX 3.3.2 SGI IRIX 3.3.1 SGI IRIX 3.3 SGI IRIX 3.2 SCO Unixware 2.1 SCO Open Server 5.0 SCO Open Desktop 3.0 RhinoSoft Serv-U 4.1 RhinoSoft Serv-U 4.0 .0.4 RhinoSoft Serv-U 3.1 RhinoSoft Serv-U 3.0 NetBSD NetBSD 1.2 NetBSD NetBSD 1.1 NetBSD NetBSD 1.0 Mad Goat Software MGFTP 2.2 IBM AIX 4.3 IBM AIX 4.2.1 IBM AIX 4.2 IBM AIX 4.1 IBM AIX 3.2 HP HP-UX (VVOS) 10.24 HP HP-UX 11.0 HP HP-UX 10.20 HP HP-UX 10.16 HP HP-UX 10.10 HP HP-UX 9.9 HP HP-UX 9.8 HP HP-UX 9.7 HP HP-UX 9.6 HP HP-UX 9.5 HP HP-UX 9.4 HP HP-UX 9.3 HP HP-UX 9.1 HP HP-UX 9.0 HP HP-UX 7.8 HP HP-UX 7.6 HP HP-UX 7.4 HP HP-UX 7.2 HP HP-UX 7.0 FreeBSD FreeBSD 2.1.7 .1 FreeBSD FreeBSD 2.1.6 FreeBSD FreeBSD 2.1.5 FreeBSD FreeBSD 2.1 FreeBSD FreeBSD 2.0.5 FreeBSD FreeBSD 2.0 FreeBSD FreeBSD 1.1.5 .1 Digital UNIX 4.0 D Digital UNIX 4.0 C Digital UNIX 4.0 B Digital UNIX 4.0 A Digital UNIX 4.0 Digital UNIX 3.2 G

Not Vulnerable: