Reported January 23, 2002, by Arne Vidstrom.
Pi-Soft’s SpoonFTP versions up to and including 18.104.22.168 for Windows 2000, Windows Me, Windows NT, and Windows 9x
A vulnerability exists in Pi-Soft’s SpoonFTP that can result in an attacker being able to bounce a connection through the vulnerable server and attack a third-party host. An intruder can also launch this FTP bounce attack from ports lower than 1024, to which the attacker typically doesn't have user access.
Discovered by Arne Vidstrom.