Security scan flags filezilla server 1.7.2

Need help with FileZilla Server? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
cxc143
500 Command not understood
Posts: 1
Joined: 2023-07-18 18:41
First name: John
Last name: Smith

Security scan flags filezilla server 1.7.2

#1 Post by cxc143 » 2023-07-18 18:59

I have filezilla server 1.7.2 x64 windows installed, and a nessus scan flagged it as having a security bypass vulnerability due to accepting unencrypted commands if SSL negotiations fail. I've come up empty on the searches I've done. Is there a workaround for this, so it doesn't show up on a scan?
Top
User avatar
botg
Site Admin
Posts: 35566
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: Security scan flags filezilla server 1.7.2

#2 Post by botg » 2023-07-18 19:25

You can change the listeners to require explicit FTP over TLS in the settings dialog.
Top
Post Reply

Return to “FileZilla Server Support”