CVE-2006-2173
NUCLEIFileZilla Server 2.2.22 - Authenticated Buffer Overflow via PORT or PASS Command
Title source: llmExploitation Summary
CVE-2006-2173 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
Buffer overflow in FileZilla FTP Server 2.2.22 allows remote authenticated attackers to cause a denial of service and possibly execute arbitrary code via a long (1) PORT or (2) PASS followed by the MLSD command, or (2) the remote server interface, as demonstrated by the Infigo FTPStress Fuzzer.
Nuclei Templates (1)
FileZilla FTP Server 2.2.22 - Buffer Overflow
MEDIUMVERIFIEDby pussycat0x
Shodan:
product:"FileZilla"
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/17802
Exploit x_refsource_misc
http://www.infigo.hr/en/in_focus/tools
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=114658586018818&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/25221
Various Sources x_refsource_misc
http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26303
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2006-05/0139.html
Scores
EPSS
0.0039
EPSS Percentile
60.3%
Details
Status
published
Products (1)
filezilla/filezilla_server
Published
May 04, 2006
Tracked Since
Feb 18, 2026