CVE-2019-25587

CVSS v3.1

6.2

Medium

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessively long string value. Attackers can enable the Override Storage-Path setting and paste a buffer of 500 bytes or more to trigger an application crash when saving the configuration.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1282

Related Identifiers

CVE-2019-25587

Affected Products

Bulletproof Ftp Server

CVE-2019-25587

Weakness Enumeration

Related Identifiers

Affected Products

References · 5