Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
BulletProof FTP Server Crashes with Long DNS Address Input
CVE-2019-25588
Summary
Attackers with local access to the FTP server can crash the application by entering a very long string in the DNS Address field. This causes the server to stop working, but it does not allow the attacker to access sensitive data. To protect your server, update to a fixed version or restrict access to the DNS Address field.
Original title
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. ...
Original description
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes to trigger a crash when the Test function is invoked.
nvd CVSS3.1
6.2
nvd CVSS4.0
6.9
Vulnerability type
CWE-1282
Published: 22 Mar 2026 · Updated: 22 Mar 2026 · First seen: 22 Mar 2026