CVE-2019-25588

Published: Mar 22, 2026 Last Modified: Mar 22, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,9

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

MEDIUM 6,2

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: none

Availability: high

Description

AI Translation Available

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes to trigger a crash when the Test function is invoked.

1282

Assumed-Immutable Data is Stored in Writable Memory

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity

Potential Impacts:

Varies By Context

Applicable Platforms

All platforms may be affected

View CWE Details

http://bpftpserver.com/

http://bpftpserver.com/

http://bpftpserver.com/products/bpftpserver/windows/download

http://bpftpserver.com/products/bpftpserver/windows/download

https://www.exploit-db.com/exploits/46875

https://www.exploit-db.com/exploits/46875

https://www.vulncheck.com/advisories/bulletproof-ftp-server…

https://www.vulncheck.com/advisories/bulletproof-ftp-server-denial-of-service-v…