The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is world-writable, a real password file is obtainable, or executable commands such as "ls" can be overwritten.
Multiple Vendor FTP Server Anonymous Writable Directory Privilege Escalation
Remote / Network Access
Change Default Setting
This host is running an FTP server that allows anonymous users to write to the root directory. This allows an attacker to upload files to this host to use in combination with another attack, or to use as a software distribution point.
If the FTP server is not being used on this system, it should be disabled. If anonymous access is required, it should be restricted to read-only access.
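To verify the read-only restriction on the server itself, the following added example (not part of the original entry) audits an anonymous FTP tree for the three conditions described above: world-writable directories, overwritable executables, and a password file with populated password fields. The function names, the `etc/passwd` location under the FTP root, and the sample tree are assumptions made for illustration.

```python
import os
import stat
import tempfile

PLACEHOLDERS = {"*", "x", "!", "!!"}  # password fields that carry no hash

def audit_anon_ftp_root(root):
    """Return sorted (relative_path, issue) findings for an anonymous FTP tree."""
    findings = []
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths += [os.path.join(dirpath, n) for n in dirnames + filenames]
    for path in paths:
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            continue  # permission bits on a symlink are not meaningful
        rel = os.path.relpath(path, root)
        if st.st_mode & stat.S_IWOTH:
            if stat.S_ISDIR(st.st_mode):
                findings.append((rel, "world-writable directory"))
            elif st.st_mode & 0o111:
                findings.append((rel, "world-writable executable"))
            else:
                findings.append((rel, "world-writable file"))
        # Assumed layout: a passwd copy at etc/passwd under the FTP root.
        if rel == os.path.join("etc", "passwd") and stat.S_ISREG(st.st_mode):
            with open(path, errors="replace") as fh:
                for line in fh:
                    fields = line.rstrip("\n").split(":")
                    if len(fields) > 1 and fields[1] not in PLACEHOLDERS:
                        findings.append((rel, "non-placeholder password field: " + fields[0]))
    return sorted(findings)

def demo():
    """Audit a constructed, deliberately misconfigured tree (sample data)."""
    with tempfile.TemporaryDirectory() as root:
        for sub, mode in (("bin", 0o755), ("etc", 0o755)):
            os.mkdir(os.path.join(root, sub))
            os.chmod(os.path.join(root, sub), mode)
        ls = os.path.join(root, "bin", "ls")
        open(ls, "w").close()
        os.chmod(ls, 0o777)  # stand-in for an overwritable "ls"
        passwd = os.path.join(root, "etc", "passwd")
        with open(passwd, "w") as fh:
            fh.write("ftp:*:14:50::/:\nalice:CONSTRUCTED-HASH:1000:1000::/:\n")
        os.chmod(passwd, 0o644)
        os.chmod(root, 0o777)  # world-writable FTP root
        return audit_anon_ftp_root(root)
```

Run `audit_anon_ftp_root` against the directory the FTP daemon serves to anonymous users; an empty result means none of the three conditions was found.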