BadBlue Detection

Checks whether BadBlue is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU Genera...

Working Resources BadBlue 1.7 EXT.DLL Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5086/info BadBlue is a P2P file sharing application distributed by Working Resources. The ext.dll ISAPI does not sufficiently sanitize input. Because of this, it is possible for a user to create a custom URL containing...

Working Resources BadBlue 1.2.7 DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2392/info It is possible for a remote user to cause a denial of service condition in Working Resources BadBlue. Requesting a specially crafted URL composed of 284 or more bytes, will cause the server to crash. A restart o...

Working Resources BadBlue 1.7.3 cleanSearchString() Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5179/info BadBlue is a P2P file sharing application distributed by Working Resources. It is designed for use on Microsoft Windows operating systems. BadBlue is operated through a web interface, generated by an included we...

Working Resources BadBlue 1.2.7 Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2390/info Requesting a specially crafted URL to a machine running Working Resources BadBlue, will disclose the physical path to the root directory. http://target/ext.dll will result in: Error: opening c:\program...

Working Resources BadBlue 1.7.1 Search Page Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6253/info The ext.dll ISAPI does not sufficiently sanitize user-supplied input when processing search queries. This may allow an attacker to create a custom URL containing script code that, when viewed in a browser by a...

Bad Blue Web Server Directory Traversal - Ver2 (CVE-2002-0325)

A directory traversal vulnerability has been reported in Working Resources Inc. Badblue. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...

CVE-2002-2170

The CVE affects BadBlue Enterprise Edition versions 1.7–1.74. The root cause is insufficient authentication when attempts to restrict administrator actions to localhost IP, allowing a remote attacker to trigger arbitrary code execution via an HTTP POST to the dir.hts page on localhost, which can ...

Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow (1)

Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/12673/info A remote buffer overflow vulnerability affects Working Resources BadBlue. This issue is due to a failure of the application to securely copy GET request parameters int...

Working Resources BadBlue 1.2.7 - Full Path Disclosure

Working Resources BadBlue 1.2.7 - Full Path Disclosure source: https://www.securityfocus.com/bid/2390/info Requesting a specially crafted URL to a machine running Working Resources BadBlue, will disclose the physical path to the root directory. http://target/ext.dll will result in: Error: opening...

Working Resources BadBlue 1.2.7 - Denial of Service

source: https://www.securityfocus.com/bid/2392/info It is possible for a remote user to cause a denial of service condition in Working Resources BadBlue. Requesting a specially crafted URL composed of 284 or more bytes, will cause the server to crash. A restart of the server is required in order ...

Working Resources BadBlue 1.2.7 - Full Path Disclosure

source: https://www.securityfocus.com/bid/2390/info Requesting a specially crafted URL to a machine running Working Resources BadBlue, will disclose the physical path to the root directory. http://target/ext.dll will result in: Error: opening c:\program files\badblue\pe\default.htx 2...

Working Resources BadBlue 1.2.7 - Denial of Service

Working Resources BadBlue 1.2.7 - Denial of Service source: https://www.securityfocus.com/bid/2392/info It is possible for a remote user to cause a denial of service condition in Working Resources BadBlue. Requesting a specially crafted URL composed of 284 or more bytes, will cause the server to...