Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2019-25588 is a denial of service (DoS) vulnerability in BulletProof FTP Server version 2019.0.0.50. It occurs because the application improperly handles an excessively long string input in the DNS Address field within the Firewall settings.'}, {'type': 'paragraph', 'content': "A local attacker can enable the DNS Address option and supply a buffer of about 700 bytes. When the 'Test' function is invoked, this causes the application to crash, resulting in a denial of service."}, {'type': 'paragraph', 'content': 'This vulnerability is classified under CWE-1282, involving assumed-immutable data stored in writable memory.'}] [3, 4]

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can cause the BulletProof FTP Server application to crash, leading to a denial of service condition.

Since the attack requires local access but no privileges or user interaction, an attacker with local access can disrupt the availability of the FTP server by triggering this crash.

The impact is specifically on availability, meaning legitimate users may be unable to use the FTP service while the server is crashed.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability can be detected by testing the DNS Address field in the BulletProof FTP Server firewall settings with an excessively long string of approximately 700 bytes. When the 'Test' function is invoked with this input, the application crashes, indicating the presence of the vulnerability."}, {'type': 'paragraph', 'content': "A proof-of-concept method involves generating a payload consisting of 700 'A' characters, copying it to the clipboard, enabling the DNS Address option in the firewall settings, pasting the payload, and clicking the 'Test' button to observe if the server crashes."}, {'type': 'paragraph', 'content': 'The steps to reproduce the detection are:'}, {'type': 'list_item', 'content': 'Run the provided Python script (BulletProof_DNS_Server_2019.0.0.50.py) to generate the payload file.'}, {'type': 'list_item', 'content': 'Open the generated file (bullet_storage.txt), copy its contents to the clipboard.'}, {'type': 'list_item', 'content': 'Open BulletProof FTP Server and navigate to Settings > Protocols > FTP > Firewall.'}, {'type': 'list_item', 'content': "Enable the 'DNS Address' option and paste the clipboard content."}, {'type': 'list_item', 'content': "Click the 'Test' button and check if the application crashes."}] [4]

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include avoiding enabling the DNS Address option in the firewall settings of BulletProof FTP Server version 2019.0.0.50 or earlier, as this is the feature exploited by the vulnerability.

If the DNS Address option must be used, ensure that no excessively long strings (around 700 bytes) are entered into this field to prevent triggering the denial of service.

Additionally, consider updating to a newer, patched version of BulletProof FTP Server if available, or applying any vendor-provided patches or workarounds once released.

Useful 0 Not Useful 0