CVE-2005-3589

Filezilla Server Terminal - Buffer Overflow

Title source: rule

Description

Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Inge Henriksen · c++doswindows

https://www.exploit-db.com/exploits/1336

View Code ZIP pw:eip

metasploit WORKING POC

by aushack · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb

View Code ZIP pw:eip

References (7)

[Various Sources] http://ingehenriksen.blogspot.com/2005/11/filezilla-server-terminal-094d-dos-poc_21.html

[Various Sources] http://ingehenriksen.blogspot.com/2005/11/work-in-progress-filezilla-server.html

[Mailing List] http://marc.info/?l=bugtraq&m=113140190521377&w=2

[Patch] http://sourceforge.net/project/shownotes.php?release_id=298735

[Third Party Advisory, VDB Entry] http://www.osvdb.org/20817

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/417307/30/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/15346

Scores

EPSS 0.6766

EPSS Percentile 98.5%

Classification

Status draft

Affected Products (1)

filezilla/filezilla_server_terminal

Timeline

Published Nov 16, 2005

Tracked Since Feb 18, 2026