Detections
Analytics

FileZilla Client < 3.7.3 Multiple Vulnerabilities

medium Nessus Plugin ID 69494

Language:

Synopsis

The remote Windows host has an application that is affected by multiple vulnerabilities.

Description

The version of FileZilla Client on the remote host is a version prior to 3.7.3. As such, it is affected by multiple vulnerabilities :

 - A buffer underrun vulnerability exists that occurs when verifying a DSA signature when using SFTP.
 (CVE-2013-4206)

 - A remote buffer overflow vulnerability exists that is triggered when processing a specially crafted DSA signature when using SFTP. (CVE-2013-4207)

 - Multiple information disclosure vulnerabilities exist due to improper cleaning of private keys used in SFTP sessions. An attacker could exploit these issues by tricking a user into connecting to a specially crafted SFTP server. This can lead to code execution, denial of service, and access to sensitive information like SFTP login passwords, obsolete session keys, public-key pass phrases, and the private halves of public keys.
 (CVE-2013-4208)

Solution

Upgrade to FileZilla Client 3.7.3 or later.

See Also

https://seclists.org/oss-sec/2013/q3/291

https://filezilla-project.org/

https://trac.filezilla-project.org/ticket/8826

Plugin Details

Severity: Medium

ID: 69494

File Name: filezilla_373.nasl

Version: 1.6

Type: local

Agent: windows

Family: Windows

Published: 8/13/2013

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:filezilla:filezilla

Required KB Items: SMB/Registry/Enumerated, SMB/filezilla/Installed

Exploit Ease: No known exploits are available

Patch Publication Date: 8/7/2013

Vulnerability Publication Date: 8/5/2013

Reference Information

CVE: CVE-2013-4206, CVE-2013-4207, CVE-2013-4208

BID: 61644, 61645, 61649