Root Kit Found

Impact

A malious user may be able to create a connection between the FTP server and another system on an arbitrary port. The connection could beat access control setups.

Background

Resolution

Where can I read more about this?

The CERT® Advisory CA-97.27.FTP_bounce is a great place to find all vendor information, and a detailed description of the vulnerability. Also, FTP Bounce Attack written by Hobbit is another useful article.