Vulnerabilities > CVE-2006-2173 - Unspecified vulnerability in Filezilla Server

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
filezilla
nessus
NVD
Published: 2006-05-04
Updated: 2024-11-21

Summary

Buffer overflow in FileZilla FTP Server 2.2.22 allows remote authenticated attackers to cause a denial of service and possibly execute arbitrary code via a long (1) PORT or (2) PASS followed by the MLSD command, or (2) the remote server interface, as demonstrated by the Infigo FTPStress Fuzzer.

Vulnerable Configurations

Part Description Count
Application
Filezilla
1

Nessus

NASL familyWindows
NASL idFILEZILLA_SERVER_INTERFACE_BUFFER_OVERFLOW.NASL
descriptionAccording to its version, the FileZilla Server Interface installed on the remote host is affected by an unspecified buffer overflow vulnerability, which could be leveraged by an attacker to execute arbitrary code subject to the privileges of the user running the affected application. Note that to successfully exploit this remotely, the application would need to be configured to accept remote connections, which it does not by default.
last seen2020-06-01
modified2020-06-02
plugin id21567
published2006-05-16
reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/21567
titleFileZilla FTP Server MLSD Command Overflow

References