We study the security of quantum secure direct communication without perfect quantum channel. Our analysis is focused on a general individual attack, i.e. entangle-ancilla attack. The sufficient and necessary condition for a successful eavesdropping operation is obtained, and a particular attack is presented, by which Eve can elicit the whole secret without being discovered. Finally we find the root of this loophole and give a possible improvement of this protocol accordingly.