Working Resources BadBlue 1.7.x/2.x Unauthorized Proxy Relay Vulnerability

2002-12-11T00:00:00
ID EDB-ID:24409
Type exploitdb
Reporter Texonet
Modified 2002-12-11T00:00:00

Description

Working Resources BadBlue 1.7.x/2.x Unauthorized Proxy Relay Vulnerability. Remote exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/11030/info

BadBlue is prone to a vulnerability that may let the application be abused as a proxy. This vulnerability presents itself due to the 'Pass Thru' function allowing the server to be used as a proxy. This could be exploited by malicious parties to obfuscate their identities and bypass network access controls and firewalls.

BadBlue Personal Edition versions 2.5 and prior are reportedly affected by this issue. 

http://www.example.com/ext.dll?mfcisapicommand=PassThru&url=[Any IP:Any Port]/[Any Command]