1861987 – (CVE-2005-0850) CVE-2005-0850 filezilla: DoS via MS-DOS device name

Bug 1861987 (CVE-2005-0850) - CVE-2005-0850 filezilla: DoS via MS-DOS device name

Summary: CVE-2005-0850 filezilla: DoS via MS-DOS device name

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2005-0850
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-07-30 05:37 UTC by Dhananjay Arunesh
Modified:	2021-10-28 05:27 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2021-10-28 05:27:02 UTC
Embargoed:

Attachments	(Terms of Use)

Description Dhananjay Arunesh 2020-07-30 05:37:15 UTC

FileZilla FTP server before 0.9.6 allows remote attackers to cause a denial of service via a request for a filename containing an MS-DOS device name such as CON, NUL, COM1, LPT1, and others.

References:
http://sourceforge.net/project/shownotes.php?group_id=21558&release_id=314473
http://www.securityfocus.com/bid/12865

Note You need to log in before you can comment on or make changes to this bug.