Описание
Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| filezilla | fixed | 3.45.1-1 | package | |
| filezilla | fixed | 3.39.0-2+deb10u1 | buster | package |
| filezilla | no-dsa | jessie | package |
Примечания
https://svn.filezilla-project.org/filezilla?revision=9097&view=revision
https://www.tenable.com/security/research/tra-2019-14
EPSS
Процентиль: 54%
0.0031
Низкий
Связанные уязвимости
CVSS3: 7.8
ubuntu
почти 7 лет назад
Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.
CVSS3: 7.8
nvd
почти 7 лет назад
Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.
CVSS3: 7.8
github
больше 3 лет назад
Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.
EPSS
Процентиль: 54%
0.0031
Низкий