BulletProof FTP Server Denial-of-Service Vulnerability in DNS Address Field
Vulnerability
A denial-of-service vulnerability has been identified in BulletProof FTP Server version 2019.0.0.50. The issue arises in the DNS Address field within the Firewall settings, where local attackers can cause the application to crash by entering an excessively long string. Exploitation involves enabling the DNS Address option and pasting a buffer of 700 bytes, which triggers a crash when the Test function is activated.
Impact
Exploiting this vulnerability leads to a crash of the BulletProof FTP Server application, causing a denial-of-service condition.
Reproduction
The vulnerability can be reproduced by enabling the DNS Address option in the Firewall settings and pasting a 700-byte buffer into the DNS Address field. When the Test function is invoked, the application crashes.
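A defensive input check for a field of this kind, as an added example that is not BulletProof FTP Server code and does not come from the advisory. The page does not state the root cause, so this assumes the crash comes from unbounded input and rejects anything longer than the 253-character DNS name limit before it is stored or tested; the function names and buffer sizes are hypothetical.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define DNS_NAME_MAX  253   /* longest textual DNS name */
#define DNS_LABEL_MAX 63    /* longest single label */

/* Hypothetical validator for a "DNS Address" form field. `len` is the byte
 * count received from the UI control, so nothing relies on NUL termination.
 * Returns 1 for a syntactically valid host name, 0 otherwise. */
int dns_field_is_valid(const char *input, size_t len)
{
    size_t label_len = 0;

    if (input == NULL || len == 0 || len > DNS_NAME_MAX)
        return 0;                        /* a 700-byte paste stops here */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)input[i];
        if (c == '.') {
            if (label_len == 0 || input[i - 1] == '-')
                return 0;                /* empty label, or label ends in '-' */
            label_len = 0;
        } else if (c < 0x80 && (isalnum(c) || c == '-')) {
            if (c == '-' && label_len == 0)
                return 0;                /* label starts with '-' */
            if (++label_len > DNS_LABEL_MAX)
                return 0;
        } else {
            return 0;                    /* spaces, control or non-ASCII bytes */
        }
    }
    /* Trailing dot and trailing '-' are rejected to keep the rule simple. */
    return label_len > 0 && input[len - 1] != '-';
}

/* Copies a validated name into a fixed-size buffer; returns 0 on success,
 * -1 (with dst emptied) if the input is invalid or does not fit. */
int dns_field_store(char *dst, size_t dst_size, const char *input, size_t len)
{
    if (dst == NULL || dst_size == 0)
        return -1;
    if (!dns_field_is_valid(input, len) || len >= dst_size) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, input, len);
    dst[len] = '\0';
    return 0;
}
```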
