FileZilla FTP Server < 0.9.6 Multiple DoS
High Nessus Network Monitor Plugin ID 2738
SynopsisThe remote host is vulnerable to multiple attack vectors (remote and local).
DescriptionThe remote host is running the FileZilla FTP server. There is a flaw in the remote version of this software that may allow an authenticated attacker to crash the remote host by requesting DOS devices (CON, NUL, etc.) or by misusing the zlib compression mode. In addition, there is a local client flaw within the FileZilla server component. A local user on the FileZilla server who is enticed to initiate an FTP connection to a malicious server can be exploited.
SolutionUpgrade to version 0.9.6 or higher.