FileZilla FTP Server < 0.9.6 Multiple DoS

High Log Correlation Engine Plugin ID 800513

Synopsis

The remote host is vulnerable to multiple attack vectors (remote and local).

Description

The remote host is running the FileZilla FTP server. There is a flaw in the remote version of this software that may allow an authenticated attacker to crash the remote host by requesting DOS devices such as CON, NUL, etc., or by misusing the zlib compression mode. In addition, there is a local client flaw within the FileZilla server component. A local user on the FileZilla server who is enticed to initiate an FTP connection to a malicious server can be exploited.

Solution

Upgrade to version 0.9.6 or higher.

See Also

http://sourceforge.net/project/shownotes.php?release_id=314473

Plugin Details

Severity: High

ID: 800513

File Name: 800513.prm

Family: FTP Servers

Nessus ID: 17593

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.8

Temporal Score: 6.6

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:U/RC:ND

Reference Information

CVE: CVE-2005-0851, CVE-2005-3589, CVE-2005-0850

BID: 15346, 12865