FileZilla FTP Server < 0.9.6 Multiple DoS

high Log Correlation Engine Plugin ID 800513


The remote host is vulnerable to multiple attack vectors (remote and local).


The remote host is running the FileZilla FTP server. There is a flaw in the remote version of this software that may allow an authenticated attacker to crash the remote host by requesting DOS devices such as CON, NUL, etc., or by misusing the zlib compression mode. In addition, there is a local client flaw within the FileZilla server component. A local user on the FileZilla server who is enticed to initiate an FTP connection to a malicious server can be exploited.


Upgrade to version 0.9.6 or higher.

See Also

Plugin Details

Severity: High

ID: 800513

Family: FTP Servers

Nessus ID: 17593

Risk Information


Risk Factor: High

Base Score: 7.8

Temporal Score: 6.6

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Reference Information

CVE: CVE-2005-0850, CVE-2005-0851, CVE-2005-3589

BID: 15346, 12865