
| Subject: | DDIVRT-2008-11 BadBlue uninst.exe DoS |
|---|---|
| Date: | 24 Apr 2008 12:08:41 -0000 |
Title
-----
DDIVRT-2008-11 BadBlue uninst.exe DoS

Severity
--------
Medium

Date Discovered
---------------
March 5th 2008

Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Steven James and r@b13$

Vulnerability Description
-------------------------
BadBlue is a web server used for peer-to-peer file sharing. By default, several executable files are stored in the web root: badblue.exe, uninst.exe, and dyndns.exe. Executable files stored in the web root of BadBlue can be launched remotely by any user. This can be leveraged to create a DoS condition by repeatedly invoking the uninst.exe executable.

Because BadBlue has not released a patch for the previously documented directory traversal vulnerability (CVE 2007-6378), an attacker may use these two flaws in conjunction to place a malicious executable in the web root and compromise a vulnerable server.

Solution Description
--------------------
Restrict access to the executables already in the web root (badblue.exe, uninst.exe, and dyndns.exe) and take steps to ensure that users cannot write files to the web root.

Tested Systems / Software (with versions)
------------------------------------------
BadBlue Personal Edition version 2.72 has been tested on Windows XP and Windows Server 2003. Other versions and systems are assumed to be vulnerable.

Vendor Contact
--------------
Vendor Name: BadBlue
Vendor Website: www.badblue.com
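As an added example (not part of the advisory and not BadBlue code), the following monitor flags the behaviour the advisory describes in an access log: any remote request for an executable in the web root, a single client repeatedly invoking one executable (the uninst.exe DoS pattern), and .exe names outside the three shipped files (a possible file written into the web root). It assumes Common Log Format lines; the sample lines are constructed.

```python
"""Added example, not BadBlue's code or the advisory's. Assumes Common Log Format;
all sample lines are constructed."""
import re
from collections import Counter

# Executables the advisory names as shipped in the BadBlue web root.
WEBROOT_EXECUTABLES = {"badblue.exe", "uninst.exe", "dyndns.exe"}

# Common Log Format: host ident user [time] "METHOD path PROTO" status bytes
CLF_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+$')


def requested_executable(path):
    """Lower-cased file name if the path (query string dropped) ends in .exe, else None."""
    name = path.split("?", 1)[0].rsplit("/", 1)[-1].lower()
    return name if name.endswith(".exe") else None


def scan_log(lines, repeat_threshold=5):
    """Return (events, repeat_offenders, unexpected).

    events: (client, exe) for each request that invokes an .exe;
    repeat_offenders: clients hitting one exe >= repeat_threshold times (DoS pattern);
    unexpected: .exe names not in the shipped set, worth checking as possibly planted.
    """
    events, per_client = [], Counter()
    for line in lines:
        m = CLF_RE.match(line)
        if not m:
            continue  # malformed line: skip it rather than stop the monitor
        client, _method, path, _status = m.groups()
        exe = requested_executable(path)
        if exe is None:
            continue
        events.append((client, exe))
        per_client[(client, exe)] += 1
    offenders = sorted({c for (c, _e), n in per_client.items() if n >= repeat_threshold})
    unexpected = sorted({e for _c, e in events if e not in WEBROOT_EXECUTABLES})
    return events, offenders, unexpected


# Constructed sample lines (not real BadBlue output).
SAMPLE_LOG = [
    '10.0.0.5 - - [05/Mar/2008:10:00:00 -0600] "GET /index.html HTTP/1.1" 200 512',
    '10.0.0.7 - - [05/Mar/2008:10:00:01 -0600] "GET /badblue.exe HTTP/1.1" 200 0',
    '10.0.0.9 - - [05/Mar/2008:10:00:02 -0600] "GET /update.exe?x=1 HTTP/1.1" 200 0',
] + ['10.0.0.9 - - [05/Mar/2008:10:00:0%d -0600] "GET /UNINST.EXE HTTP/1.1" 200 0' % i
     for i in range(3, 8)]

if __name__ == "__main__":
    print(scan_log(SAMPLE_LOG))
```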