Google Chrome FTP Client PASV Port Scan Information Disclosure Vulnerability

info
discussion
exploit
solution
references

Google Chrome FTP Client PASV Port Scan Information Disclosure Vulnerability

Google Chrome is prone to an information-disclosure vulnerability because it fails to adequately validate server-issued instructions while in PASV (passive) mode.

Attackers can exploit this issue to port-scan networks inside a victim computer's firewall. Information harvested may aid in further attacks.

Google Chrome 1.0.154.36 is affected; other versions may also be vulnerable.