BulletProof FTP Client '.bps' File Buffer Overflow Vulnerability

This host has BulletProof FTP Client installed and is prone to Stack-Based Buffer Overflow vulnerability.
Successful exploitation will allow attacker to execute arbitrary codes in the context of the application and can cause Denial of Service to the application. Impact Level: Application
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. A workaround is to avoid importing untrusted site lists nor attempt to connect to servers with long names. For updates refer to http://www.bpftp.com/
The flaw is due to improper boundary checks in .bps file with a long second line and bookmark file entry with a long host name.
BulletProof FTP Client version or prior on Windows

Updated on 2017-03-28