CVE-2019-25588

Name of the Vulnerable Software and Affected Versions BulletProof FTP Server version 2019.0.0.50

Description The software contains a denial of service issue in the DNS Address field. Local attackers can cause the application to crash by providing an excessively long string. Specifically, attackers can enable the DNS Address option within the Firewall settings and paste a 700-byte buffer, triggering a crash when the Test() function is called.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.