Code: p53

Severity: Warning


Description: This event is generated when an attempt to copy a specific file to an FTP server is made.

Impact: The attacker might gain the ability to execute commands remotely with the privileges of the affected user.

Corrective: Locate the uploaded ".forward" file and check it for signs of suspicious entries. Check the server logs for other suspicious events that might have occurred within the same FTP session Disallow uploading of files via FTP and use Secure Shell (SSH) for transferring files by users.