Mageia: 2024-0034 Moderate: FileZilla Prefix Truncation Attack Fix

mageia

February 10, 2024

Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack"

Summary

Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack". A remote attacker could use this issue to downgrade or disable some security features and obtain sensitive information. This update fixes the issue.

References

- https://bugs.mageia.org/show_bug.cgi?id=32748

- https://ubuntu.com/security/notices/USN-6589-1

- https://www.cve.org/CVERecord?id=CVE-2023-48795

Topics Covered

security advisory remote attack moderate severity ssh attack filezilla mageia prefix truncation

Resolution

SRPMS

- 9/core/filezilla-3.66.4-1.mga9

Publication date: 10 Feb 2024

URL: https://advisories.mageia.org/MGASA-2024-0034.html

Type: security

CVE: CVE-2023-48795

Topics Covered

security advisory remote attack moderate severity ssh attack filezilla mageia prefix truncation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia: 2024-0034 Moderate: FileZilla Prefix Truncation Attack Fix

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia: 2024-0034 Moderate: FileZilla Prefix Truncation Attack Fix

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!