TITLE: FileZilla Unspecified Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA20086
VERIFY ADVISORY: http://secunia.com/advisories/20086/
CRITICAL: Moderately critical
IMPACT: System access
WHERE: From remote
SOFTWARE: FileZilla 2.x
http://secunia.com/product/2925/
DESCRIPTION:
A vulnerability has been reported in FileZilla which can potentially be exploited by malicious people to compromise a user's system.
The vulnerability is caused by an unspecified boundary error in the handling of replies from an FTP server. This can be exploited to cause a buffer overflow and may allow arbitrary code execution.
Successful exploitation requires that the user connects to a malicious FTP server, e.g. after being tricked into doing so.
The vulnerability has been reported in versions prior to 2.2.23.
SOLUTION: Update to version 2.2.23.
http://sourceforge.net/project/showfiles.php?group_id=21558&package_id=15149
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY:
http://sourceforge.net/project/shownotes.php?release_id=416790
Posted on Monday, May 15, 2006 @ 09:08:39 CDT in Security