Opened 5 years ago
Last modified 5 years ago
#11773 moreinfo Bug report
|Reported by:||Kağan Çapar||Owned by:|
|Component version:||3.33||Operating system type:||Linux|
|Operating system version:||Kali Linux 2018.3_x64|
Hello, I'm Kağan, Vulnerability Reasearcher. I found vulnerability Filezilla 3.33 on Kali Linux 2018.3 x64 and I just published proof-of-concept type exploit-db but I managed to write shell code. If this version works with root authority, the authority can be priv-esc. You should know that I did not public. Also, vulnerability is not working Windows OS.
Good luck, I love filezilla!
Change History (3)
by , 5 years ago
|Attachment:||Screenshot from 2018-10-10 05-28-09.png added|
comment:1 by , 5 years ago
|Status:||new → moreinfo|
This doesn't appear to be a bug in FileZilla itself but rather one of the libraries it depends on.
Which version of wxWidgets is FileZilla linked against? Which version of GTK+ is wxWidgets in turn linked against?
comment:2 by , 5 years ago
|Priority:||critical → low|
|Summary:||FileZilla 3.33 Buffer-Overflow (PoC) → FileZilla 3.33|