    XMLSocket foo = new XMLSocket("evilserver.org",31337);
    foo.setLocalPort(135);
    XMLRequest bar = new XMLRequest("whatever");
    foo.sendrequest(bar);
There's nothing exploited, it's just the way NAT works.
Or, even simpler:
Nothing exploited, that's just how FTP NAT helpers work.
Aside from even the simplest load balancing breaking? Just take any sufficiently complex protocol, e.g. various P2P protocols, various computer games, VoIP applications...
I don't have to, since this is solely your claim so far.
It's basically a Java or Flash applet acting as an FTP client, using the PORT command, the FTP NAT helper parsing the command and adding an appropriate NAT table entry. There's nothing wrong with this, it just voids some false security assumptions about NAT.
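
Added example, not part of the original post: a sketch of the check a NAT helper or firewall rule set can apply before it trusts a PORT command, shown on constructed input. The function names and the policy (advertised address must equal the control connection's source, port must be unprivileged) are assumptions made for this illustration, not the behaviour of any particular helper.

```python
import ipaddress
import re

# PORT h1,h2,h3,h4,p1,p2 (RFC 959): four address octets, then the port as two bytes.
PORT_RE = re.compile(
    r"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r?\n?$"
)

def parse_port_command(line):
    """Return (ip, port) from an FTP PORT command, or None if malformed."""
    m = PORT_RE.match(line)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]

def helper_decision(line, client_ip, min_port=1024):
    """Decide whether a pinhole should be opened for this PORT command.

    Assumed policy: the advertised address must be the host that owns the
    control connection, and the advertised port must not be a privileged one.
    """
    parsed = parse_port_command(line)
    if parsed is None:
        return ("ignore", "not a well-formed PORT command")
    ip, port = parsed
    if ip != ipaddress.IPv4Address(client_ip):
        return ("reject", f"advertised {ip} != control source {client_ip}")
    if port < min_port:
        return ("reject", f"port {port} is below {min_port}")
    return ("allow", f"expect inbound data connection to {ip}:{port}")

# Constructed sample input: (command seen on the control channel, its source address).
SAMPLES = [
    ("PORT 192,168,1,10,195,80\r\n", "192.168.1.10"),  # 195*256+80 = 50000
    ("PORT 192,168,1,10,0,135\r\n", "192.168.1.10"),   # privileged port 135
    ("PORT 192,168,1,20,195,80\r\n", "192.168.1.10"),  # names a different host
    ("PORT 192,168,1,10,195\r\n", "192.168.1.10"),     # truncated argument list
]

if __name__ == "__main__":
    for line, src in SAMPLES:
        print(repr(line), "->", helper_decision(line, src))
```

A check like this only narrows what the helper will open; inbound filtering still has to come from an explicit firewall policy rather than from the NAT itself.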