FileZilla Server Port Command Denial Of Service Network Vulnerability

Summary

FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a wildcard argument to the (1) LIST or (2) NLST commands, which results in a NULL pointer dereference, a different set of vectors than CVE-2006-6564. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command.

Solution

Upgrade vulnerable FTP server to latest version.

References

http://osvdb.org/34435

Updated on 2015-03-25

Severity

Classification

CVE CVE-2006-6565

CVSS	Base Score: 4.0 AV:N/AC:L/Au:S/C:N/I:N/A:P

Related Vulnerabilities

pyftpdlib FTP Server Multiple Directory Traversal Vulnerabilities
Titan FTP Server Multiple Directory Traversal Vulnerabilities
Telnet-Ftp Server Directory Traversal Vulnerability
CompleteFTP Directory Traversal Vulnerability
Home FTP Server 'SITE INDEX' Command Remote Denial of Service Vulnerability

FileZilla Server Port Command Denial of Service

Take action and discover your vulnerabilities