Ravens PHP Scripts

FileZilla Unspecified Buffer Overflow Vulnerability
Date: Monday, May 15, 2006 @ 09:08:39 UTC
Topic: Security


TITLE: FileZilla Unspecified Buffer Overflow Vulnerability

SECUNIA ADVISORY ID: SA20086

VERIFY ADVISORY: http://secunia.com/advisories/20086/

CRITICAL: Moderately critical

IMPACT: System access

WHERE: From remote

SOFTWARE: FileZilla 2.x
http://secunia.com/product/2925/

DESCRIPTION:
A vulnerability has been reported in FileZilla, which can potentially be exploited by malicious people to compromise a user's system.

The vulnerability is caused by an unspecified boundary error in the handling of replies from an FTP server. This can be exploited to cause a buffer overflow and may allow arbitrary code execution.

Successful exploitation requires that the user is, for example, tricked into connecting to a malicious FTP server.

The vulnerability has been reported in versions prior to 2.2.23.
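
The advisory does not say where the boundary error lies, so the following is an added illustration of the general defence, not FileZilla's code or its fix: a C routine that parses one FTP reply line and checks the server-supplied length against the destination buffer before copying. The names ftp_parse_reply and struct ftp_reply, the 128-byte limit, and the requirement that every line begin with a three-digit code are assumptions of this example.

```c
#include <stddef.h>
#include <string.h>

#define FTP_TEXT_MAX 128          /* assumed limit for this example */

struct ftp_reply {
    int  code;                    /* three-digit reply code, e.g. 220 */
    int  more;                    /* 1 if "NNN-": a multi-line reply continues */
    char text[FTP_TEXT_MAX];      /* NUL-terminated reply text */
};

/* Parse one reply line from untrusted server bytes.
 * Returns bytes consumed (> 0), 0 if no complete line is buffered yet,
 * or -1 if the line is malformed or its text does not fit in out->text. */
long ftp_parse_reply(const char *data, size_t len, struct ftp_reply *out)
{
    const char *nl = memchr(data, '\n', len);
    if (nl == NULL)
        /* No terminator yet: refuse to keep buffering without limit. */
        return len > FTP_TEXT_MAX + 6 ? -1 : 0;

    size_t line_len = (size_t)(nl - data);      /* excludes '\n' */
    if (line_len > 0 && data[line_len - 1] == '\r')
        line_len--;                             /* strip '\r' */

    /* Need "NNN" plus a separator: ' ' (final) or '-' (continuation). */
    if (line_len < 4)
        return -1;
    for (int i = 0; i < 3; i++)
        if (data[i] < '0' || data[i] > '9')
            return -1;
    if (data[3] != ' ' && data[3] != '-')
        return -1;

    size_t text_len = line_len - 4;
    /* The boundary check: the length is chosen by the server, so compare
     * it with the destination size before copying, leaving room for NUL. */
    if (text_len >= sizeof out->text)
        return -1;

    out->code = (data[0] - '0') * 100 + (data[1] - '0') * 10 + (data[2] - '0');
    out->more = (data[3] == '-');
    memcpy(out->text, data + 4, text_len);
    out->text[text_len] = '\0';
    return (long)(nl - data) + 1;
}
```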

SOLUTION: Update to version 2.2.23.
http://sourceforge.net/project/showfiles.php?group_id=21558&package_id=15149

PROVIDED AND/OR DISCOVERED BY: Reported by vendor.

ORIGINAL ADVISORY:
http://sourceforge.net/project/shownotes.php?release_id=416790








This article comes from Ravens PHP Scripts
https://www.ravenphpscripts.com

The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2163