CVE-2022-50687
Buffer Overflow in Cobian Backup FTP Password Causes DoS

Publication date: 2025-12-22

Last updated on: 2025-12-22

Assigner: VulnCheck

Description
Cobian Backup 11 Gravity 11.2.0.582 contains a denial of service vulnerability in the FTP password input field that allows attackers to crash the application. Attackers can generate a specially crafted 800-byte buffer and paste it into the password field to trigger an application crash.
Meta Information
Published: 2025-12-22
Last Modified: 2025-12-22
Generated: 2026-06-16
AI Q&A: 2025-12-23
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Showing 1 associated CPE

Vendor | Product | Version / Range
cobian_backup | cobian_backup | 11.2.0.582
CWE ID | Description
CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
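The CWE-120 pattern above, illustrated as an added example that is not Cobian Backup's code (the product's real field size and copy routine are not published on this page, so the 255-byte field and the function names below are assumptions). It contrasts an unchecked copy into a fixed-size field with a bounded version that refuses over-long input, and checks the bounded version against a constructed 800-byte string like the one the advisory describes:

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Hypothetical fixed-size password field; the real size is not on the page. */
#define FTP_PASSWORD_MAX 255

struct ftp_task {
    char password[FTP_PASSWORD_MAX + 1];
};

/* CWE-120 shape: copies whatever the caller supplies into a fixed-size field.
   Shown for contrast only; not exercised by the checks below. */
void set_password_unchecked(struct ftp_task *t, const char *input)
{
    strcpy(t->password, input);   /* no bound on input length */
}

/* Hardened version: measure the input against the field first and refuse
   anything that does not fit, rather than copying and overrunning. */
bool set_password_bounded(struct ftp_task *t, const char *input)
{
    size_t n = 0;
    /* Count at most FTP_PASSWORD_MAX + 1 bytes so an unterminated or
       very long input cannot drive the scan past the limit. */
    while (n <= FTP_PASSWORD_MAX && input[n] != '\0')
        n++;
    if (n > FTP_PASSWORD_MAX) {
        t->password[0] = '\0';
        return false;             /* too long: reject explicitly */
    }
    memcpy(t->password, input, n);
    t->password[n] = '\0';
    return true;
}

/* Constructed test input: `len` copies of character c. Caller supplies
   a buffer of at least len + 1 bytes. */
static void fill_input(char *buf, size_t len, char c)
{
    memset(buf, c, len);
    buf[len] = '\0';
}

/* Returns true when a password of `len` bytes is rejected by the bounded
   setter; used to show that over-long input is refused, not copied. */
bool rejects_input_of_length(size_t len)
{
    char input[1024];
    struct ftp_task t;
    if (len >= sizeof input)
        return true;              /* outside what this check exercises */
    fill_input(input, len, 'A');
    return !set_password_bounded(&t, input);
}

int main(void)
{
    printf("800-byte input rejected: %s\n", rejects_input_of_length(800) ? "yes" : "no");
    printf("32-byte input rejected:  %s\n", rejects_input_of_length(32) ? "yes" : "no");
    return 0;
}
```

The defensive point is that the length check happens before any byte is copied, and that the rejection is explicit (a false return and an emptied field) instead of a silent truncation, so the caller can surface a validation error in the UI rather than storing a partial credential.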
Executive Summary

This vulnerability is a local denial of service (DoS) in Cobian Backup 11 Gravity version 11.2.0.582. It occurs because the application does not properly check the size of the input in the FTP password field. An attacker can enter a specially crafted 800-byte buffer (an excessively long password string), which causes the application to crash. This is a classic buffer overflow issue affecting the password input field. [1, 2]

Impact Analysis

The impact of this vulnerability is a denial of service condition: the Cobian Backup application crashes when the specially crafted password is entered. This disrupts backup operations and can cause loss of availability of backup services. Since the attack requires local access but no privileges, any user with local access can render the application unavailable, impacting system reliability. [1, 2]

Detection Guidance

This vulnerability can be detected by attempting to reproduce the crash locally on the affected system. Specifically, generate an 800-byte string (e.g., 800 'A' characters), copy it to the clipboard, open Cobian Backup 11 Gravity, create a new FTP backup task, and paste the string into the FTP password field. If the application crashes, the vulnerability is present. There are no network-based detection signatures, since this is a local vulnerability requiring local access. [1, 2]

Mitigation Strategies

Immediate mitigation steps include avoiding excessively long inputs in the FTP password field and restricting local access to trusted users only, as the vulnerability requires local access. Monitoring for application crashes when creating or editing FTP backup tasks can help identify exploitation attempts. Applying any updates or patches from CobianSoft when released is recommended. [2, 3]
