Possible bug causing "FTP server uses predictable port numbers for PASV connections" vulnerability

Bug #893758 reported by Douglas Otto
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux-ftpd (Ubuntu)

Bug Description

Our Rapid 7 scanner has detected a vulnerability on a newly installed Ubuntu v11.10 server running vsFTPd 2.3.2.

It says "FTP server used ports 51156, 51157, 51158, 51159, 51160, which is a predictable sequence."

Does anyone know about this vulnerability and how to fix it?

Revision history for this message
Ken Sharp (kennybobs) wrote :

How is this a vulnerability?

Changed in linux-ftpd (Ubuntu):
status: New → Incomplete
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for linux-ftpd (Ubuntu) because there has been no activity for 60 days.]

Changed in linux-ftpd (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Related questions

Remote bug watches

Bug watches keep track of this bug in other bug trackers.