CVE-2005-0850
published 2005-05-02CVE-2005-0850: FileZilla FTP server before 0.9.6 allows remote attackers to cause a denial of service via a request for a filename containing an MS-DOS device name such as…
PriorityP420medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
2.19%
80.2th percentile
FileZilla FTP server before 0.9.6 allows remote attackers to cause a denial of service via a request for a filename containing an MS-DOS device name such as CON, NUL, COM1, LPT1, and others.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| filezilla-project | filezilla_server | < 0.9.6 | 0.9.6 |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
FileZilla Server < 0.9.6 - DoS via MS-DOS Device Names
nuclei·CVSS 5.0
CVE-2005-0850 [MEDIUM] FileZilla Server < 0.9.6 - DoS via MS-DOS Device Names
FileZilla Server < 0.9.6 - DoS via MS-DOS Device Names
FileZilla Server versions prior to 0.9.6 are vulnerable to denial of service when processing filenames containing MS-DOS device names such as CON, NUL, COM1, LPT1, and others. Remote attackers can cause the server to crash or become unresponsive by requesting files with these reserved device names.
Template:
id: CVE-2005-0850
info:
name: FileZilla Server < 0.9.6 - DoS via MS-DOS Device Names
author: pussycat0x
severity: medium
description: |
FileZilla Server versions prior to 0.9.6 are vulnerable to denial of service when processing filenames containing MS-DOS device names such as CON, NUL, COM1, LPT1, and others. Remote attackers can cause the server to crash or become unresponsive by requesting files with these reserved device na
2005-05-02
Published