Opened 16 years ago

Closed 16 years ago

#3943 closed Bug report (rejected)

security risk

Reported by: cfneumann Owned by:
Priority: high Component: FileZilla Server
Keywords: security risk Cc:
Component version: Operating system type: Windows
Operating system version:

Description

Our IT department is flagging (or flogging, depending on perspective) regarding a security risk with the filezilla server. Is this something that can be fixed?

*

The remote FTP server crashes when the command
'MLST a' is issued right after connecting to it.

An attacker may use this flaw to prevent you
from publishing anything using FTP.

Solution : if you are using wftp, then upgrade to version 2.41 RC12, if you are not, then contact your vendor for a fix.

Risk factor : High
CVE : CVE-2000-0647
BID : 1506

Nessus ID : 10487

Change History (1)

comment:1 by Tim Kosse, 16 years ago

Resolution: rejected
Status: newclosed

The CVE is totally unrelated to FileZilla Server.

Note: See TracTickets for help on using tickets.