FileZilla 3.33 Buffer Overflow
- Date Published:2018-10-11
- Last Updated:2018-10-11
- Version Affected: FileZilla 3.33
FileZilla is a free and open source FTP software, divided into client version and server version, with all the FTP software functions.
FileZilla version 3.33 suffers from a buffer overflow vulnerability.
Steps to Reproduce: Run the python exploit script, it will create a new
file with the name "exploit.txt". Copy the content from "exploit.txt".
Open new terminal and write "filezilla"
Go to Bookmarks and Add bookmark or Ctrl + B
Now paste the contents of "exploit.txt" into the fields. "Name:"
Click "OK" after Click "Bookmarks" you will see a crash on terminal.
Manufacturers have now issued an upgrade patch to fix the bug. The patch gets links: https://filezilla-project.org