BulletProof FTP Client '.bps' File Buffer Overflow Vulnerability

Summary
This host has BulletProof FTP Client installed and is prone to Stack-Based Buffer Overflow vulnerability.
Impact
Successful exploitation will allow attacker to execute arbitrary codes in the context of the application and can cause Denial of Service to the application. Impact Level: Application
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. A workaround is to avoid importing untrusted site lists nor attempt to connect to servers with long names. For updates refer to http://www.bpftp.com/
Insight
The flaw is due to improper boundary checks in .bps file with a long second line and bookmark file entry with a long host name.
Affected
BulletProof FTP Client version 2.63.0.56 or prior on Windows
References

Updated on 2017-03-28