Vulnerability Details : CVE-2005-3589
Public exploit exists!
Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command.
Vulnerability category: Overflow, Denial of service
Products affected by CVE-2005-3589
- cpe:2.3:a:filezilla:filezilla_server_terminal:0.9.4d:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-3589
- 68.58%: Probability of exploitation activity in the next 30 days
- ~ 99%: Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2005-3589
- FileZilla FTP Server Admin Interface Denial of Service
  Disclosure Date: 2005-11-07
  First seen: 2020-04-26
  Module: auxiliary/dos/windows/ftp/filezilla_admin_user
  This module triggers a Denial of Service condition in the FileZilla FTP Server Administration Interface in versions 0.9.4d and earlier. By sending a procession of excessively long USER commands to the FTP Server, the Administration Interface (FileZilla Server Interfa
CVSS scores for CVE-2005-3589
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8 | HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C | 10.0 | 6.9 | NIST | |
References for CVE-2005-3589
- http://sourceforge.net/project/shownotes.php?release_id=298735 (Patch)
- http://ingehenriksen.blogspot.com/2005/11/work-in-progress-filezilla-server.html
- http://ingehenriksen.blogspot.com/2005/11/filezilla-server-terminal-094d-dos-poc_21.html
- http://www.securityfocus.com/archive/1/417307/30/0/threaded
- http://marc.info/?l=bugtraq&m=113140190521377&w=2
- http://www.osvdb.org/20817
- http://www.securityfocus.com/bid/15346 (FileZilla Server Terminal Remote Client-Side Buffer Overflow Vulnerability)