FileZilla FTP Client Unspecified Overflow

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application is that affected by a
remote buffer overflow vulnerability.

Description :

According to its version, the FileZilla FTP client installed on the
remote host is affected by an unspecified buffer overflow
vulnerability. It may be possible to exploit this issue remotely by
tricking a user into connecting to a malicious FTP site using the
affected client. Remote code execution would then be possible subject
to the user's privileges.

See also :

http://sourceforge.net/projects/filezilla/

Solution :

Upgrade to FileZilla client version 2.2.23 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 21565 (filezilla_client_buffer_overflow.nasl)

Bugtraq ID: 17972

CVE ID: CVE-2006-2403

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now