Intrusion Prevention

FTP.RETR.PASSWD

Description

This indicates a potentially malicious attempt to obtain password information from a system running FTP service.


There exist vulnerabilities in some outdated FTP daemons which allow an attacker to obtain password file on a target machine by system misconfiguration or via a directory traversal technique.


Affected Products

Any unprotected Unix/Linux system that is connected to the Internet is vulnerable to the attack.

Impact

Information leak may assist future attacks

Recommended Actions

Apply appropriate patches or upgrade the system to the latest non-vulnerable version

Other References

1