Fixed a nonfunctional check where the peer's data connection IP was supposed to match the control connection IP.

TLS Resumption
There have been community reports of potential credential leaks or "zero-day" exploitations affecting this specific version when exposed directly to the internet.

GitHub and Exploit Availability
    def initialize(info = {})
      super(update_info(info,
        'Name'        => 'FileZilla Server 0.9.60 beta DELE Command Buffer Overflow',
        'Description' => %q{
          This module exploits a stack-based buffer overflow in FileZilla Server 0.9.60 beta.
          The vulnerability exists in the processing of the DELE command.
        },
        'Author'      => [ 'Security Researcher' ],
        'Platform'    => 'win32',
        'Payload'     => { 'BadChars' => "\x00\x0a\x0d" },
        'Targets'     => [
          [ 'Windows XP SP3 / Windows 7', { 'Ret' => 0x00412345 } ]
        ],
        'DefaultTarget' => 0))
    end
Security researchers publish PoCs to prove a vulnerability is real and to push vendors to release patches.