Vulnerability Details CVE-2006-2173
Buffer overflow in FileZilla FTP Server 2.2.22 allows remote authenticated attackers to cause a denial of service and possibly execute arbitrary code via a long (1) PORT or (2) PASS followed by the MLSD command, or (2) the remote server interface, as demonstrated by the Infigo FTPStress Fuzzer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.046
EPSS Ranking 88.8%
CVSS Severity
CVSS v2 Score 6.4
References
- http://archives.neohapsis.com/archives/bugtraq/2006-05/0139.html
- http://marc.info/?l=bugtraq&m=114658586018818&w=2
- http://www.infigo.hr/en/in_focus/tools
- http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03
- http://www.osvdb.org/25221
- http://www.securityfocus.com/bid/17802
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26303
- http://archives.neohapsis.com/archives/bugtraq/2006-05/0139.html
- http://marc.info/?l=bugtraq&m=114658586018818&w=2
- http://www.infigo.hr/en/in_focus/tools
- http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03
- http://www.osvdb.org/25221
- http://www.securityfocus.com/bid/17802
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26303
Products affected by CVE-2006-2173
-
cpe:2.3:a:filezilla:filezilla_server:*