TR: BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure Vulnerability

From: acz [iSecureLabs] (aurelien.cabezon@iSecureLabs.com)
Date: 08/22/01 

From: "acz [iSecureLabs]" <aurelien.cabezon@iSecureLabs.com>
To: "Vuln-Dev@Securityfocus.Com" <vuln-dev@securityfocus.com>, <nt-securite@ossir.org>
Subject: TR: BadBlue v1.02 beta for Windows 98, ME and 2000  .php Source Code Disclosure Vulnerability
Date: Wed, 22 Aug 2001 13:57:51 +0200
Message-ID: <GCEDJILAIFDLIEDHEIMPMEHCCJAA.aurelien.cabezon@iSecureLabs.com>

Here is the answer from the BadBlue Team :

Thanks for the update. A fix will be included in the 1.5 version due within
the next week.
Thanks Dave 

---
Cabezon Aurelien | aurelien.cabezon@iSecureLabs.com
http://www.iSecureLabs.com | French Security Portal

-----Message d'origine-----

On Wed, 22 Aug 2001 11:11:28
 acz [iSecureLabs] wrote:
>-- [ iSecureLabs BadBlue v1.02 beta for Windows 98, ME and 2000
>Advisory ] --
>
>BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure
>Vulnerability
>Problem discovered: 22/08/2001
>
>-- [ Overview ] --
>
>BadBlue http://badblue.com/ is a tiny, free download that lets you share
>files, search other
>PCs and even run powerful web applications.
>Badblue support .php extension.
>It is possible to retrieve full .php source code.
>
>-- [ Description ] --
>
>Badblue contains an input validation vulnerability which may lead to
>download the full source code of .php pages.
>This is due to a lack of checks for NULL bytes.
>
>Exemple:
>http://myBadBlue.com/test.php%00
>
>Note: It is possible too to download .dll file used by BadBlue.
>
>Exmeple:
>http://myBadBlue.com/ext.dll%00
>
>-- [ Tested Version ] --
>
>BadBlue v1.02 beta for Windows 98, ME and 2000
>
>-- [ Discovered by ] --
>
>Cabezon Aurelien | aurelien.cabezon@iSecureLabs.com
>http://www.iSecureLabs.com | French Security portal
>http://www.isecurelabs.com/advisory/badblue.html
>
>
>
>

Get 250 color business cards for FREE!
http://businesscards.lycos.com/vp/fastpath/

Relevant Pages

  • BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure Vulnerability
    ... BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure Vulnerability ... It is possible to retrieve full .php source code. ...
    (Vuln-Dev)
  • [EXPL] Exploit Code Released for MFC ISAPI Framework Buffer Overflow (BadBlue PWS)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... The vulnerability itself lies in the way MFC's ISAPI ... Resources' BadBlue PWS. ... Response Center within minutes of this e-mail from the ...
    (Securiteam)
  • [resend] Strumpf Noir Society on BadBlue
    ... BadBlue is the technology behind Working Resources Inc.'s product line with ... The attacks themselves consist of administrative command execution through ... abused in the form of a resource exhaustion attack. ... "BadBlue Extensions Authentication Bypassing Vulnerability" ...
    (Bugtraq)
  • [NT] BadBlue EXT.DLL XSS Variant
    ... Details of BadBlue EXT.DLL Vulnerability, ... BadBlue, it is prone to XSS attacks. ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
    (Securiteam)
  • [NT] Three New BadBlue Vulnerabilities
    ... Three new vulnerabilities have been found in BadBlue, a denial of service, ... Invalid GET Request Vulnerability ... filename component) it is possible to cause the server to stop handling ...
    (Securiteam)