It always depends on which aspect of security you are talking about. They are no different in security when it comes to confidentiality and integrity of the transmission. Both are not cryptographically protected. With that, if your data has to be protected, you should avoid FTP.
The main difference in security is about what you have to allow on your firewall. With passive FTP your clients only initiate outbound connections. With active mode, the data-channel is an inbound connection through your firewall. For sure, that is handled through stateful inspection and only the right traffic is allowed to come in. Still, having inbound connections from an untrusted network directly to your user-systems is considered less secure than only having outbound connections.
For optimum security, there should always be an FTP-proxy in a DMZ.
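The firewall difference described in the answer above, as an added example that is not part of the original post: a sketch of what stateful FTP inspection on the client side derives from the control channel, showing that active mode (`PORT`) yields an inbound data connection and passive mode (`227` reply) an outbound one. The function names are hypothetical, the addresses are constructed documentation-range values, and the address check assumes no NAT between client and server.

```python
import re

# RFC 959 host-port field: h1,h2,h3,h4,p1,p2 (six decimal bytes)
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_hostport(text):
    """Return (ip, port) from a PORT argument or 227 reply, or None if malformed."""
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def data_channel(line, client_ip, server_ip):
    """Describe the data connection a control-channel line announces,
    as seen by a firewall in front of the client. None if not a negotiation."""
    line = line.strip()
    if line.upper().startswith("PORT "):
        # Active: client listens, server connects in.
        mode, opener, listener, direction = "active", server_ip, client_ip, "inbound"
        peer = parse_hostport(line[5:])
    elif line.startswith("227"):
        # Passive: server listens, client connects out.
        mode, opener, listener, direction = "passive", client_ip, server_ip, "outbound"
        peer = parse_hostport(line[3:])
    else:
        return None
    if peer is None:
        return {"mode": mode, "allow": False, "reason": "malformed host-port"}
    ip, port = peer
    # Assumption of this example: only open a pinhole toward the host that
    # owns the control connection, so an announced third-party address is refused.
    if ip != listener:
        return {"mode": mode, "allow": False, "reason": "address mismatch"}
    return {"mode": mode, "allow": True, "direction": direction,
            "src": opener, "dst": ip, "dport": port}


if __name__ == "__main__":
    CLIENT, SERVER = "198.51.100.7", "192.0.2.10"  # constructed sample addresses
    for sample in ("PORT 198,51,100,7,156,64",
                   "227 Entering Passive Mode (192,0,2,10,195,80)",
                   "PORT 203,0,113,5,0,22"):
        print(sample, "->", data_channel(sample, CLIENT, SERVER))
```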