FTP Passive Mode May Allow Denial of Service
The IIS FTP service employs a passive mode (PASV), which can be a source of performance degradation and lead to denial of service attacks on the FTP and WWW services. In such cases, the System Log will show errors which may look like the following:
FTP Server could not create a client worker thread for user at host <some IPAddress>. The connection to this user is terminated. The data is the error.
In addition, client systems may see error messages, such as
Connection closed by remote host -or- The FTP session was terminated
The problem may occur because it is possible to use all available system threads for servicing clients, which leads to the above stated errors until threads are once again available.
Load the proper hotfix -- U.S. version fixes are listed below. International users should check Microsoft"s FTP directory for proper hotfix versions.