Strumpf Noir Society Advisories
Public release

BadBlue XSS vulnerabilities / Filesharing Server Worm

Release date: Tuesday, February 26, 2002

Introduction:

BadBlue is the technology behind Working Resources Inc.'s product line of the same name and, among other things, also powers Deerfield.com's D2Gfx file sharing community.

Working Resources Inc. : http://www.badblue.com
Deerfield's D2Gfx : http://d2gfx.deerfield.com

Problem:

The BadBlue server technology does not adequately validate and filter URL input from untrustworthy sources. This can be abused to create a malicious link to the server containing arbitrary script code. When a legitimate user browses the malicious link, the script code is executed in the user's browser.

Building on this problem, a remote attacker can gain control of any or all machines performing searches on the network through a combination of this flaw and a weak authentication scheme.

Cross site scripting example: http://server/
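To illustrate the class of flaw described above from the defender's side, here is an added example (not BadBlue's code, and the `/search?q=` URL shape, the log lines and the page template are constructed assumptions): a page that reflects the request path unfiltered, the same page with HTML escaping applied, and a scan over access-log entries for URL-decoded paths carrying script tags.

```python
import html
from urllib.parse import unquote

PAGE = "<html><body><p>Search results for: {}</p></body></html>"

def render_unsafe(path: str) -> str:
    """Reflect the raw request path into the page, as the advisory describes."""
    return PAGE.format(path)

def render_safe(path: str) -> str:
    """Same page, but untrusted URL input is HTML-escaped before insertion."""
    return PAGE.format(html.escape(path, quote=True))

def contains_script_tag(text: str) -> bool:
    """Crude check: does a literal <script tag survive in the rendered output?"""
    return "<script" in text.lower()

def suspicious_requests(log_lines):
    """Return request paths from CLF-style log lines that, once URL-decoded,
    carry a script tag. Malformed lines are skipped."""
    hits = []
    for line in log_lines:
        try:
            request = line.split('"')[1]      # e.g. 'GET /search?q=x HTTP/1.0'
            path = request.split()[1]
        except IndexError:
            continue
        if contains_script_tag(unquote(path)):
            hits.append(path)
    return hits

# Constructed sample request path (not a real BadBlue URL).
SAMPLE_PATH = "/search?q=<script>probe()</script>"

# Constructed access-log lines; the second carries the same tag URL-encoded.
SAMPLE_LOG = [
    '10.0.0.5 - - [26/Feb/2002:10:00:00 +0000] "GET /search?q=files HTTP/1.0" 200 512',
    '10.0.0.9 - - [26/Feb/2002:10:00:07 +0000] "GET /search?q=%3Cscript%3Eprobe()%3C/script%3E HTTP/1.0" 200 640',
]

if __name__ == "__main__":
    print(render_unsafe(SAMPLE_PATH))
    print(render_safe(SAMPLE_PATH))
    print(suspicious_requests(SAMPLE_LOG))
```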