FileZilla is a fast FTP and SFTP client for Windows with a lot of features. FileZilla Server is a reliable FTP server.
The long wait is over, I'm proud to announce the release of FileZilla 3.0.0. You can download the new version here:
The primary new feature of 3.0.0 is the ability to run under multiple platforms. FileZilla 3 does not only run under Windows, but also under Linux, *BSD, Mac OS X and many more. In addition, the internals of FileZilla have been streamlined and modernized.... read more
The FileZilla 3 repository has been moved to Subversion and is now being available under http://filezilla.svn.sourceforge.net/svnroot/filezilla/FileZilla3
You can browse the repository under http://filezilla.svn.sourceforge.net/viewvc/filezilla/
FileZilla 2.2.32 fixes format string vulnerabilities which might be exploitable.
An update to 2.2.32 is hightly recommended.
On October 5, 2006, the first beta version of FileZilla 3 has been released.
FileZilla 3 is a complete rewrite of the client and is able to run on every major platform, including Windows, Linux, Mac OS X and *BSD.
Other new features of FileZilla 3 include:
- Directory listing filter
- Network Configuration Wizard including online test
However, a lot of features are still missing and scheduled for future beta versions. Especially the user interface will still undergo a lot of changes.... read more
FileZilla and FileZilla Server have been updated to fix a security vulnerability discovered in the OpenSSL library. Details about the vulnerabilities can be found here: http://www.openssl.org/news/secadv_20060928.txt
FileZilla uses OpenSSL to handle SSL secured connections.
Updating to FileZilla 2.2.28 and FileZilla Server 0.9.19 is highly recommended.
FileZilla 2.2.23 fixes a critical security vulnerability. Due to a buffer overflow remote code execution might have been possible if connecting to malicious servers.
An update to FileZilla 2.2.23 is highly recommended.
You can download the updated version from http://sourceforge.net/project/showfiles.php?group_id=21558&package_id=15149
FileZilla Server 0.9.17 fixes a critical security vulnerability. Due to a buffer overflow in the admin interface, remote code execution with the rights of the user running the admin interface might have been possible. Only the interface was affected, the service was unaffected.
An update to FileZilla Server 0.9.17 is highly recommended.
FileZilla Server now uses UTF-8 encoding for filenames as specified in RFC 2640 (http://www.faqs.org/rfcs/rfc2640.html). This allows for proper handling of filenames containing non-English characters, as FTP originally was only designed for 7-bit US-ASCII.
In order to support UTF-8, FileZilla Server now requires at least Windows 2000 or higher, Windows 98 is no longer supported.
You might have problems with some non-UTF8 capable clients that do now support RFC 2640. In this case I recommend to use FileZilla as client, it supports UTF-8.
Recently a security vulnerability has been discovered in zlib which could allow remote code execution under some circumstances.
Remote code execution was not possible with FileZilla Server since zlib was compiled with enabled buffer overflow protection, instead FileZilla Server did just terminate.
Version 0.9.9 fixes this problem, an update is highly recommended.
FileZilla is a fast FTP and SFTP client for Windows with a lot of features. FileZilla Server is a reliable FTP server. FileZilla Server 0.9.6 fixes two problems which could be used as denial of service attacks against FileZilla Server. The first problem involves reserved MSDOS device names like CON, NUL, COM1, LPT1 and such. Under some Windows versions, FileZilla Server could freeze if the user issued a command to access a file containing a reserved name. The problem seems to only occur on Windows 2000 or older.... read more