Certified Ethical Hacker (CEHv9) Questions and answers
73. A network administrator discovers several unknown files in the root directory of his Limo FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named Mc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The ps command shows that the nc file is running as process, and the netstat command shows the nc process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?
A. Privilege escalation
B. Directory traversa
C. Brute force login
D. File system permission
74. Port scanning can be used as part of a technical assessment to determine network vulnerabilities. The TCP XMAS scan is used to identify listening ports on the targeted system. If a scanned port is open, what happens?