The /etc/ftpaccess.ctl file must not have an extended ACL.
Excessive permissions on the ftpaccess.ctl file could permit unauthorized modification. Unauthorized modification could result in Denial of Service to authorized FTP users or permit unauthorized access to system information.
Remove the extended ACL from the /etc/ftpaccess.ctl file. #acledit /etc/ftpaccess.ctl Disable extended permissions.
Check the permissions of the /etc/ftpaccess.ctl file. #aclget /etc/ftpaccess.ctl Check if extended permissions are disabled. If extended permissions are not disabled, this is a finding.