id: CVE-2005-0850

info:
  name: FileZilla Server < 0.9.6 - DoS via MS-DOS Device Names
  author: pussycat0x
  severity: medium
  description: |
    FileZilla Server versions prior to 0.9.6 are vulnerable to denial of service when processing filenames containing MS-DOS device names such as CON, NUL, COM1, LPT1, and others. Remote attackers can cause the server to crash or become unresponsive by requesting files with these reserved device names.
  impact: |
    Attackers can cause denial of service by requesting files with MS-DOS device names, triggering FileZilla Server crashes or unresponsiveness.
  remediation: |
    Upgrade FileZilla Server to version 0.9.6 or later that properly handles MS-DOS reserved device names.
  reference:
    - http://sourceforge.net/project/shownotes.php?group_id=21558&release_id=314473
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P
    cvss-score: 5
    cve-id: CVE-2005-0850
    cwe-id: CWE-20
    epss-score: 0.00139
    epss-percentile: 0.33615
    cpe: cpe:2.3:a:filezilla-project:filezilla_server:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: filezilla-project
    product: filezilla_server
    shodan-query: product:"FileZilla"
  tags: cve,cve2005,network,ftp,filezilla,tcp,passive,vuln

tcp:
  - inputs:
      - data: 00000000
        type: hex
    host:
      - "{{Hostname}}"
    port: 21
    read-size: 1024

    matchers:
      - type: dsl
        dsl:
          - "contains(raw, 'FileZilla')"
          - "compare_versions(version, '< 0.9.6')"
        condition: and

    extractors:
      - type: regex
        group: 1
        name: version
        regex:
          - "FileZilla Server version ([0-9.]+)"
# digest: 490a00463044022011d1296d0c78bce38adb602bcd99ae592c68d58b22d0e988221dfa071d80c39302206acf8fa75b40df96cab49f9ffa20ed09ba335288e75dfa6b327ed786a243650e:922c64590222798bb761d5b6d8e72950