Resource management error in BearFTP

#VU25369 Resource management error in BearFTP

Published: 2020-02-14

Vulnerability identifier: #VU25369

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-8815

CWE-ID: CWE-399

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
BearFTP
Server applications / File servers (FTP/HTTP)

Vendor: IKTeam

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper connection handling in the base connection handler. A remote attacker can cause a denial of service condition via a Slowloris approach by sending a large volume of small packets.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

BearFTP: 0.0.1 - 0.3.0

External links
http://github.com/kolya5544/BearFTP
http://github.com/kolya5544/BearFTP/blob/f5a8047587c1a96456d4f291c12b038b9ab0d0c5/BearFTP/Program.cs#L503-L525
http://github.com/kolya5544/BearFTP/commit/17a6ead72d4a25cbfcef5e27613aa0a5f88a4b26
http://github.com/kolya5544/BearFTP/commit/66dc9d95e58bca133f265457d32007cdf38b66ad
http://github.com/kolya5544/BearFTP/releases/tag/0.4.0

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in BearFTP