SECUNIA ADVISORY ID: SA24894
VERIFY ADVISORY: http://secunia.com/advisories/24894/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE: From remote
SOFTWARE: FileZilla 2.x - http://secunia.com/product/2925/
DESCRIPTION: Some vulnerabilities have been reported in FileZilla, which potentially can be exploited by malicious people to compromise a user's system.
The vulnerabilities are caused by various unspecified format string errors. These can potentially be exploited to execute arbitrary code, e.g. via specially crafted server responses or data containing format string specifiers sent when a user interacts with a malicious FTP server. The vulnerabilities are reported in versions prior to 2.2.32.
SOLUTION: Update to version 2.2.32. - http://sourceforge.net/project/showfiles.php?group_id=21558
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://sourceforge.net/project/shownotes.php?release_id=501534&group_id=21558
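The format string error class named in the description, as an added example in C (not FileZilla's code and not part of the advisory): server-controlled text must only ever be passed as an argument to a fixed format, never as the format itself. `log_status`, `show_reply`, `show_reply_vulnerable` and `count_specifiers` are hypothetical names, and the sample reply is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style status logger, as an FTP client might use for its message log. */
static int log_status(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int written = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return written;
}

#ifdef SHOW_VULNERABLE
/* Vulnerable pattern (not compiled by default): the server reply IS the format string. */
static int show_reply_vulnerable(char *out, size_t n, const char *reply)
{
    return log_status(out, n, reply);
}
#endif

/* Hardened form: fixed "%s" format, the reply is data and is copied verbatim. */
static int show_reply(char *out, size_t n, const char *reply)
{
    return log_status(out, n, "%s", reply);
}

/* Audit helper: count conversion specifiers in untrusted text ("%%" is a literal percent). */
static int count_specifiers(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { s++; continue; }
        count++;
    }
    return count;
}

int main(void)
{
    const char *reply = "220 Welcome %x%x%n"; /* constructed sample server reply */
    char shown[128];
    show_reply(shown, sizeof shown, reply);
    printf("%s (specifiers in reply: %d)\n", shown, count_specifiers(reply));
    return 0;
}
```

Compiling with `-Wformat -Wformat-security` flags call sites like the one in `show_reply_vulnerable`, which is a practical way to audit a code base for this pattern.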
FileZilla Unspecified Format String Vulnerabilities
Posted on Monday, April 16, 2007 @ 12:03:10 CDT in Security