ID: 297
Name: ftpd cwd user detection
Protocol: FTP
Date: 2005/01/04
Author: Marc Ruef, marc.ruef at computec.ch, http://www.computec.ch, computec.ch
Version: 1.0
Transport/port: tcp 21
Check script: open|sleep|send anonymous\n|sleep|send atk@test.example\n|sleep|send CWD ~root\n|sleep|send QUIT\n|close|pattern_exists 550 /
90
Copyright: The NASL script is Copyright (C) 1999 Renaud Deraison
Class: Configuration
Description: It is possible to determine whether a user account exists on the remote system by issuing the command CWD ~<user>, for example "CWD ~root". An attacker may use this to confirm the presence of accounts known to be vulnerable (such as guest) or to determine which operating system you are running.
Solution: Inform your vendor and ask for a patch, or change your FTP server.
Additional fields (as given): Approx. 2 hours | Yes | Yes | Yes | Medium | 6 7 5 6 | Low
Nessus: Nessus can check this flaw with the plugin 10082 (FTPd tells if a user exists).
Nessus ID: 10082
Reference: Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
URL: http://www.computec.ch