LoadLibrary Vulnerability in FileZilla
|Reported by:||Brian Wilkins||Owned by:|
|Component version:||Operating system type:||Windows|
|Operating system version:||Windows XP SP3|
I ran rats 2.3 on the FileZilla source code and RATS detected several LoadLibrary vulernabilities in FileZilla. RATS states: "LoadLibrary will search several places for a library if
no path is specified, allowing trojan DLL's to be inserted elsewhere even if the intended DLL is correctly protected from overwriting. Make sure to specify the full path."
Looking at the below code snippets, you can see that the full path is not specified. Recommend the full path be specified in order to prevent this vulnerability from occurring.
Line 670: m_hGSS_API = LoadLibrary(GFTPDLL);
Line 1122: m_hDll = LoadLibrary(_T("WS2_32.dll"));
Line 312: m_hSslDll2 = LoadLibrary(_T("libeay32.dll"));
Line 389: m_hSslDll1 = LoadLibrary(_T("ssleay32.dll"));