Red Hat Bugzilla – Bug 36659
Security flaw in IPTables using FTP PORT
Last modified: 2007-03-26 23:43:40 EDT
Information from above URL:
If an attacker can establish an FTP connection passing through a Linux
2.4.x IPTables firewall with the state options allowing "related"
connections (almost 100% do), he can insert entries into the firewall's
RELATED ruleset table allowing the FTP Server to connect to any host and
port protected by the firewall's rules, including the firewall itself.
More information and patch can be found at above URL.
*** This bug has been marked as a duplicate of 36580 ***
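
The flaw described above comes down to trusting the address and port a client writes into its FTP PORT command. The following is an added example, not the patch referenced in this bug and not netfilter code: a stand-alone validator for that argument. The function names, the verdict enum, the requirement that the data endpoint equal the control connection's source address, the port floor of 1024, and the sample lines are all assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Verdicts for one PORT command seen on an FTP control connection. */
enum port_verdict { PORT_OK, PORT_MALFORMED, PORT_FOREIGN_ADDR, PORT_LOW_PORT };

/* Parse "PORT h1,h2,h3,h4,p1,p2" into a host-order IPv4 address and port.
 * Returns 0 on success, -1 if the line is not a well-formed PORT command. */
static int parse_port(const char *line, uint32_t *ip, uint16_t *port)
{
    unsigned int v[6] = {0};
    const char *p;
    int i, digits;
    if (strncmp(line, "PORT ", 5) != 0)
        return -1;
    p = line + 5;
    for (i = 0; i < 6; i++) {
        for (digits = 0; *p >= '0' && *p <= '9' && digits < 3; digits++)
            v[i] = v[i] * 10 + (unsigned int)(*p++ - '0');
        if (digits == 0 || v[i] > 255)
            return -1;              /* empty or out-of-range field */
        if (i < 5 && *p++ != ',')
            return -1;              /* fields must be comma-separated */
    }
    if (*p != '\0' && strcmp(p, "\r\n") != 0 && strcmp(p, "\n") != 0)
        return -1;                  /* trailing junk after p2 */
    *ip = v[0] << 24 | v[1] << 16 | v[2] << 8 | v[3];
    *port = (uint16_t)(v[4] << 8 | v[5]);
    return 0;
}

/* Policy (assumed for this example): the data endpoint must be the client
 * itself, on an unprivileged port; otherwise no RELATED entry is warranted. */
static enum port_verdict check_port(const char *line, uint32_t client_ip)
{
    uint32_t ip;
    uint16_t port;
    if (parse_port(line, &ip, &port) != 0)
        return PORT_MALFORMED;
    if (ip != client_ip)
        return PORT_FOREIGN_ADDR;
    return port < 1024 ? PORT_LOW_PORT : PORT_OK;
}

int main(void)
{
    /* Constructed input: client 192.0.2.10 names a different host, port 22. */
    return check_port("PORT 10,0,0,1,0,22\r\n", 0xC000020AU) == PORT_FOREIGN_ADDR ? 0 : 1;
}
```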