It is recommended to upgrade the affected component. Upgrading to version 0.9.51 is able to address this issue. It is possible to initiate the attack remotely. The manipulation leads to unintended intermediary. This affects an unknown part of the component PORT Handler. The exploit has been disclosed to the public and may be used.Ī vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. The manipulation leads to unquoted search path. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.Ī vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic.
** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does not consider this a vulnerability.
0 kommentar(er)
