CVE-2006-6564: Null Pointer Dereference
Published Dec 15, 2006
FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a malformed argument to the STOR command, which results in a NULL pointer dereference. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command.
Affected Software
1 affected component
FileZilla FileZilla <= 0.9.21
Event History
Dec 15, 2006
CVE Published via MITRE · 11:00 AM
Data Sourced via MITRE · 11:00 AM: Description
Data Sourced via NVD · 11:28 AM: Description, Severity, Affected Software
Frequently Asked Questions
1. What is the severity of CVE-2006-6564?
CVE-2006-6564 is classified as a high severity vulnerability due to its potential for denial of service attacks.
2. How do I fix CVE-2006-6564?
To remediate CVE-2006-6564, upgrade FileZilla Server to version 0.9.22 or later.
3. What are the symptoms of CVE-2006-6564 exploitation?
Exploitation of CVE-2006-6564 can result in crashes of the FileZilla Server due to a NULL pointer dereference.
4. Which versions of FileZilla are affected by CVE-2006-6564?
FileZilla Server versions prior to 0.9.22 are affected by CVE-2006-6564.
5. Is there a workaround for CVE-2006-6564?
There is no specific workaround for CVE-2006-6564, so updating to the latest version is recommended.