First published: Thu Jan 18 2024(Updated: )
Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack". A remote attacker could use this issue to downgrade or disable some security features and obtain sensitive information.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/filezilla | <3.65.0-3ubuntu0.1 | 3.65.0-3ubuntu0.1 |
Ubuntu Ubuntu | =23.10 | |
All of | ||
ubuntu/filezilla-common | <3.65.0-3ubuntu0.1 | 3.65.0-3ubuntu0.1 |
Ubuntu Ubuntu | =23.10 | |
All of | ||
ubuntu/filezilla | <3.58.0-1ubuntu0.1 | 3.58.0-1ubuntu0.1 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/filezilla-common | <3.58.0-1ubuntu0.1 | 3.58.0-1ubuntu0.1 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/filezilla | <3.46.3-1ubuntu0.1 | 3.46.3-1ubuntu0.1 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/filezilla-common | <3.46.3-1ubuntu0.1 | 3.46.3-1ubuntu0.1 |
Ubuntu Ubuntu | =20.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.