Subscribe to Windows IT Pro
February 17, 2001 12:00 AM

Multiple Vulnerabilities In Bad Blue Web Server

Steve Manzuik
Windows IT Pro
InstantDoc ID #20042
Rating: (0)

Reported February 17, 2001, by Win2KSecAdvice.

VERSIONS AFFECTED
  • BadBlue Web Server

DESCRIPTION

Multiple vulnerabilities have been discovered in BadBlue Web Server. The first issue is a directory disclosure vulnerability, where a malicious user can discover the physical path of the Web server files. Using the URL http://webserver.com/ext.dll returns the message "Error opening C:\webserverpath\default.htx." The second issue is a Denial of Service (DoS) attack, where a malicious user can simply insert a data string of 284 bytes or more in the URL, causing the Web server to stop responding.

VENDOR RESPONSE

The vendor, Working Resource, Inc., has released a new version to address this issue.

CREDIT
Discovered by Strumf Noir.

Related Content:

ARTICLE TOOLS

Comments
Add A Comment
    There are no comments to display. Be the first one!
You must log on before posting a comment.

Are you a new visitor? Register Here

advertisement

advertisement

Dev Pro Left-Brain SharePoint Pro SQL Server Pro SuperSite for Windows Windows IT Pro

© 2012 Penton Media, Inc.

Home About Us Advertise Customer Service Privacy Statement Subscribe/Renew Terms Of Use

Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.