CVE-2005-0850

NUCLEI

Filezilla-project Filezilla Server < 0.9.6 - Improper Input Validation

Title source: rule

Description

FileZilla FTP server before 0.9.6 allows remote attackers to cause a denial of service via a request for a filename containing an MS-DOS device name such as CON, NUL, COM1, LPT1, and others.

Nuclei Templates (1)

FileZilla Server < 0.9.6 - DoS via MS-DOS Device Names

MEDIUMVERIFIEDby pussycat0x

Shodan: product:"FileZilla"

References (2)

[Product, Third Party Advisory] http://sourceforge.net/project/shownotes.php?group_id=21558&release_id=314473

[Patch, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/12865

Scores

EPSS 0.0014

EPSS Percentile 33.6%

Details

CWE

CWE-20

Status published

Products (1)

filezilla-project/filezilla_server < 0.9.6

Published May 02, 2005

Tracked Since Feb 18, 2026