[22369] in bugtraq


-- [ iSecureLabs BadBlue v1.02 beta for Windows 98, ME and 2000 Advisory ] --

daemon@ATHENA.MIT.EDU (acz [iSecureLabs])
Wed Aug 22 11:01:10 2001

From: "acz [iSecureLabs]" <aurelien.cabezon@iSecureLabs.com>
To: <bugtraq@securityfocus.com>
Cc: <vulnwatch@vulnwatch.org>
Date: Wed, 22 Aug 2001 16:28:49 +0200
Message-ID: <GCEDJILAIFDLIEDHEIMPOEHHCJAA.aurelien.cabezon@iSecureLabs.com>

-- [ iSecureLabs BadBlue v1.02 beta for Windows 98, ME and 2000
Advisory ] --

BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure
Vulnerability
Problem discovered: 22/08/2001

-- [ Overview ] --

BadBlue is a tiny, free download that lets you share files, search other
PCs and even run powerful web applications.
BadBlue supports the .php extension.
It is possible to retrieve full .php source code.

-- [ Description ] --

BadBlue contains an input validation vulnerability which may allow the
full source code of .php pages to be downloaded.
This is due to a lack of checks for NULL bytes.

Example:
http://myBadBlue.com/test.php%00

Note: It is also possible to download .dll files used by BadBlue.

Example:
http://myBadBlue.com/ext.dll%00

-- [ Tested Version ] --

BadBlue v1.02 beta for Windows 98, ME and 2000

-- [ Fix ] --

According to the BadBlue team, a fix will be included in the 1.5 version
due within the next week.
http://badblue.com

-- [ Discovered by ] --

Cabezon Aurélien | aurelien.cabezon@iSecureLabs.com
http://www.iSecureLabs.com | French Security portal
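
-- [ Added example: rejecting NULL bytes in request paths ] --

The check the Description section says is missing, sketched in C as an added example; it is not part of the original advisory and not BadBlue's code. The function names decode_path and has_extension are hypothetical, and the sample paths in the comments are constructed.

```c
#include <stddef.h>
#include <string.h>

/* Hex digit value, or -1 if c is not a hex digit. */
static int hexval(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Percent-decode a request path into out (NUL-terminated).
 * Returns the decoded length, or -1 if the path has a malformed escape,
 * decodes to an embedded NUL byte (%00), or does not fit in out.
 * Constructed inputs: "/test.php%00" -> -1, "/a%20b.php" -> 8. */
long decode_path(const char *in, char *out, size_t outsz) {
    size_t n = 0;
    if (outsz == 0) return -1;
    while (*in) {
        int c = (unsigned char)*in++;
        if (c == '%') {
            int hi = hexval(in[0]);
            int lo = hi < 0 ? -1 : hexval(in[1]);
            if (hi < 0 || lo < 0) return -1;   /* malformed escape */
            c = hi * 16 + lo;
            in += 2;
            if (c == 0) return -1;             /* reject %00 outright */
        }
        if (n + 1 >= outsz) return -1;         /* no room for byte + NUL */
        out[n++] = (char)c;
    }
    out[n] = '\0';
    return (long)n;
}

/* 1 if the decoded path ends in ext (e.g. ".php"). The comparison uses the
 * decoded length, so the handler decision and the later file open both
 * operate on the same bytes. Comparison is case-sensitive. */
int has_extension(const char *path, size_t len, const char *ext) {
    size_t el = strlen(ext);
    return len >= el && memcmp(path + len - el, ext, el) == 0;
}
```

A server would call decode_path before choosing a handler and answer any -1 result with an error instead of opening a file.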

