Code: p37 Severity: Infomation
Description: This decode detects a SYST command being issued to a FTP server. This command causes the FTP server to return a response indicating the host operating system of the server. Impact: Knowing the host operating system allows an attacker to customize their attack to exploit other vulnerabilities likely to be present. Corrective: Pay close attention to other activity on the target system following the SYST request. If it is a non-anonymous FTP server, make sure your FTP server requires users to log in prior to honoring a SYST request. If anonymous access is allowed, you may be able to disable the SYST command. Consult the documentation of your FTP server.
|
