-- [ iSecureLabs BadBlue v1.02 beta for Windows 98, ME and 2000 Advisory ] --

From: acz [iSecureLabs] (aurelien.cabezonat_private)
Date: Wed Aug 22 2001 - 07:28:49 PDT


    
    BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure
    Vulnerability
    Problem discovered: 22/08/2001
    
    -- [ Overview ] --
    
    BadBlue is a tiny, free download that lets you share files, search other
    PCs and even run powerful web applications.
    BadBlue supports the .php extension.
    It is possible to retrieve the full .php source code.
    
    -- [ Description ] --
    
    BadBlue contains an input validation vulnerability which may allow an
    attacker to download the full source code of .php pages.
    This is due to a lack of checks for NULL bytes in the requested path.
    
    Example:
    http://myBadBlue.com/test.php%00
    
    Note: It is also possible to download the .dll file used by BadBlue.
    
    Example:
    http://myBadBlue.com/ext.dll%00
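The following is an added example and not BadBlue's code: a hypothetical request dispatcher that shows the check the advisory says is missing. It percent-decodes the request target, rejects any NUL byte before the extension is inspected, and defaults to denying unknown extensions (such as .dll) instead of serving them as raw files. The sample request targets are constructed from the advisory's URLs.

```python
from urllib.parse import unquote_to_bytes
import posixpath

# Constructed sample request targets, modelled on the advisory's examples.
SAMPLE_TARGETS = [
    "/test.php",            # normal request: script is executed
    "/test.php%00",         # advisory: NUL after .php leaks the source
    "/ext.dll%00",          # advisory: NUL after .dll leaks the DLL
    "/index.php%00.txt",    # NUL hidden before a harmless-looking suffix
    "/docs/readme.txt",     # normal static file
    "/%2e%2e/test.php",     # encoded traversal, rejected as well
]

EXECUTED_EXT = {".php"}
STATIC_EXT = {".htm", ".html", ".txt"}


def classify_request(target: str) -> str:
    """Return how a hardened dispatcher treats a request target:
    'reject', 'execute', 'static' or 'forbidden'."""
    raw = unquote_to_bytes(target)
    # A NUL byte is never legitimate in a path.  The bug described in the
    # advisory is that the extension check saw ".php\x00" (so not ".php")
    # while the file open, using a C string, stopped at the NUL and
    # returned test.php itself.  Refuse such requests before any lookup.
    if b"\x00" in raw:
        return "reject"
    try:
        path = raw.decode("utf-8")
    except UnicodeDecodeError:
        return "reject"
    # Refuse traversal segments on the decoded path, then normalise.
    if any(seg == ".." for seg in path.split("/")):
        return "reject"
    norm = posixpath.normpath(path)
    ext = posixpath.splitext(norm)[1].lower()
    if ext in EXECUTED_EXT:
        return "execute"
    if ext in STATIC_EXT:
        return "static"
    # Default deny: .dll and anything else unknown is never served raw.
    return "forbidden"


def audit_targets(targets):
    """Map each target to its decision; useful for replaying a request log."""
    return {t: classify_request(t) for t in targets}
```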
    
    -- [ Tested Version ] --
    
    BadBlue v1.02 beta for Windows 98, ME and 2000
    
    -- [ Fix ] --
    
    According to the BadBlue team, a fix will be included in version 1.5, due
    within the next week.
    http://badblue.com
    
    -- [ Discovered by ] --
    
    Cabezon Aurélien | aurelien.cabezonat_private
    http://www.iSecureLabs.com | French Security portal
    



    This archive was generated by hypermail 2b30 : Wed Aug 22 2001 - 07:57:08 PDT