A network administrator discovers several unknown files in the root directory of his Linux
FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named -nc.- The FTP servers access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents
of the tarball and ran the script using a function provided by the FTP servers software. The ps command shows that the nc file is running as process, and the netstat command shows the nc process is listening on a network port.
What kind of vulnerability
must be present to make this remote attack possible?
A. File system permissions
B. Privilege escalation
C. Directory traversal
D. Brute force login
To upload files the user must have proper write file permissions.
References: