--- kioslave/ftp/ftp.cc
+++ kioslave/ftp/ftp.cc
@@ -58,6 +58,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -835,7 +836,6 @@ bool Ftp::ftpSendCmd( const QCString& cm
 return true;
 }
-
 /*
 * ftpOpenPASVDataConnection - set up data connection, using PASV mode
 *
@@ -853,6 +853,8 @@ int Ftp::ftpOpenPASVDataConnection()
 if (sa != NULL && sa->family() != PF_INET)
 return ERR_INTERNAL; // no PASV for non-PF_INET connections
+ const KInetSocketAddress *sin = static_cast(sa);
+
 if (m_extControl & pasvUnknown)
 return ERR_INTERNAL; // already tried and got "unknown command"
@@ -886,14 +888,17 @@ int Ftp::ftpOpenPASVDataConnection()
 }
 // Make hostname and port number ...
- QString host;
- host.sprintf("%d.%d.%d.%d", i[0], i[1], i[2], i[3]);
 int port = i[4] << 8 | i[5];
+ // we ignore the host part on purpose for two reasons
+ // a) it might be wrong anyway
+ // b) it would make us being suceptible to a port scanning attack
+
 // now connect the data socket ...
 m_data = new FtpSocket("PASV");
- m_data->setAddress(host, port);
- kdDebug(7102) << "Connecting to " << host << " on port " << port << endl;
+ m_data->setAddress(sin->nodeName(), port);
+
+ kdDebug(7102) << "Connecting to " << sin->nodeName() << " on port " << port << endl;
 return m_data->connectSocket(connectTimeout(), false);
 }
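Review bot: `sin` can be null at the point where the last hunk calls `sin->nodeName()`, because the guard just above the added cast, `if (sa != NULL && sa->family() != PF_INET)`, only rejects a non-null address of the wrong family and lets a null `sa` fall through. Before this change a null `sa` was harmless here, since the data address was taken from the PASV reply. Where `sa` is assigned lies outside the hunk, so whether null is actually reachable cannot be confirmed from the visible lines. Tightening the guard to `if (sa == NULL || sa->family() != PF_INET)` would make the cast and both later dereferences safe either way.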
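Review bot: `port` is still built from the server-supplied reply with no visible range check; `int port = i[4] << 8 | i[5];` produces a value outside 1–65535 whenever either field is not a single octet. The parsing of `i[]` is outside the hunk, so this only applies if the fields are not bounded there; if they are not, a check such as `if (port <= 0 || port > 65535) return ERR_INTERNAL;` before `setAddress` keeps a malformed reply away from the socket layer. The new comment would also be clearer if it stated the trust decision directly, for example `// The host in the PASV reply is server-controlled and is ignored; the data socket connects to sin->nodeName() instead.`, and "suceptible" should read "susceptible".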