• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

SGI IRIX ftpd PASV Mode Data Channel Hijacking Vulnerability

The FTP server included with SGI IRIX is vulnerable to hijacking of data connections when PASV mode is in use.

When in PASV mode, the server listens on a port when a transfer of data is to occur. The client then connects and the data is transferred. SGI has reported that the ftpd selects predictable PASV mode port numbers. As a result, it is trivial for remote attackers to hijack data connections and retrieve data before the client can.