Release DateDec 24, 2011 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems |
DescriptionThis indicates an attack attempt to exploit a Buffer Overflow vulnerability in BadBlue. BadBlue is a free personal file-sharing Web server developed by Working Resources Inc.The vulnerability is due to a boundary error in "ext.dll" when processing HTTP requests. This can be exploited to cause a buffer overflow by supplying a specially crafted HTTP request with an overly long "mfcisapicommand" parameter. |
Affected ProductsWorking Resources Inc. BadBlue 2.55. |
Recommended ActionsUpgrade to Working Resources Inc. BadBlue 2.61 or newer. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2005-0595 |
Reference/shttp://www.securityfocus.com/bid/12673 (BugTraq) |
