Bugtraq mailing list archives

DDIVRT-2008-11 BadBlue uninst.exe DoS
From: vulnerabilityresearch () digitaldefense net
Date: 24 Apr 2008 12:08:41 -0000

Date Discovered
March 5th 2008

Discovered By
Digital Defense, Inc. Vulnerability Research Team
Credit: Steven James and r () b13$

Vulnerability Description
BadBlue is a web server used for peer-to-peer file sharing. By default, several executable files are stored in the web root: badblue.exe, uninst.exe, and dyndns.exe. Executable files stored in the web root of BadBlue can be launched remotely by any user. This can be leveraged to create a DoS condition by repeatedly invoking the uninst.exe executable. Because BadBlue has not released a patch for the previously documented directory traversal vulnerability (CVE-2007-6378), an attacker may use these two flaws in conjunction to place a malicious executable in the web root and compromise a vulnerable server.

Solution Description
Restrict access to the executables already in the web root (badblue.exe, uninst.exe, and dyndns.exe) and take steps to ensure that users cannot write files to the web root.
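The following Python script is an added example and is not part of the Digital Defense advisory or of BadBlue itself. It covers both points above from the defender's side: it parses constructed access-log lines to flag a client that requests uninst.exe repeatedly inside a short window (the DoS pattern described) and any request carrying a ".." path segment (the traversal flaw the advisory says remains unpatched), and it audits a web-root directory for executables and for writability, which are the two things the solution asks the operator to address. The log format (Common Log Format), the IP addresses, the timestamps and the threshold/window values are all assumptions chosen for illustration.

```python
"""Added example, not code from the advisory or from BadBlue: defender-side
checks for executables reachable in a BadBlue web root and for repeated
remote launches of uninst.exe. All log lines and names are constructed."""
import os
import re
from datetime import datetime, timedelta

# Executables the advisory says BadBlue stores in its web root by default.
DEFAULT_EXECUTABLES = {"badblue.exe", "uninst.exe", "dyndns.exe"}
EXEC_SUFFIXES = (".exe", ".com", ".bat", ".cmd")

# Constructed Common Log Format lines; addresses are RFC 5737 documentation IPs.
SAMPLE_LOG = """\
203.0.113.5 - - [05/Mar/2008:10:00:01 -0600] "GET /index.html HTTP/1.1" 200 1234
203.0.113.9 - - [05/Mar/2008:10:00:02 -0600] "GET /uninst.exe HTTP/1.1" 200 0
203.0.113.9 - - [05/Mar/2008:10:00:02 -0600] "GET /uninst.exe HTTP/1.1" 200 0
203.0.113.9 - - [05/Mar/2008:10:00:03 -0600] "GET /uninst.exe HTTP/1.1" 200 0
203.0.113.9 - - [05/Mar/2008:10:00:04 -0600] "GET /../../windows/calc.exe HTTP/1.1" 403 0
203.0.113.5 - - [05/Mar/2008:10:01:00 -0600] "GET /dyndns.exe HTTP/1.1" 200 0
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Parse one CLF line into a dict; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    # Basename of the requested resource, query string stripped, case-folded.
    rec["basename"] = rec["path"].split("?", 1)[0].rsplit("/", 1)[-1].lower()
    return rec


def executable_requests(log_text):
    """Every request whose target looks like an executable, whatever the status."""
    recs = (parse_line(line) for line in log_text.splitlines())
    return [r for r in recs if r and r["basename"].endswith(EXEC_SUFFIXES)]


def repeated_invocations(log_text, name="uninst.exe", threshold=3,
                         window=timedelta(seconds=60)):
    """Map client IP -> largest number of requests for `name` inside any `window`.
    Only IPs reaching `threshold` are returned: repeated launches of uninst.exe
    are the DoS pattern the advisory describes."""
    stamps_by_ip = {}
    for r in executable_requests(log_text):
        if r["basename"] == name:
            stamps_by_ip.setdefault(r["ip"], []).append(r["ts"])
    flagged = {}
    for ip, stamps in stamps_by_ip.items():
        stamps.sort()
        best, start = 0, 0
        for end, ts in enumerate(stamps):  # sliding window over sorted times
            while ts - stamps[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[ip] = best
    return flagged


def traversal_attempts(log_text):
    """(ip, path) for requests containing a '..' path segment, the directory
    traversal the advisory notes is still unpatched (CVE-2007-6378)."""
    recs = (parse_line(line) for line in log_text.splitlines())
    return [(r["ip"], r["path"]) for r in recs if r and ".." in r["path"].split("/")]


def classify_names(names):
    """Pure helper: which of the given filenames are executables, and which of
    those are the defaults the advisory lists."""
    found = sorted(n for n in names if n.lower().endswith(EXEC_SUFFIXES))
    defaults = sorted({n.lower() for n in found} & DEFAULT_EXECUTABLES)
    return {"executables": found, "default_executables_present": defaults}


def audit_web_root(root):
    """Audit a real web-root directory: executables present (to restrict) and
    whether the directory is writable by the current process (to prevent)."""
    names = [e.name for e in os.scandir(root) if e.is_file()]
    report = classify_names(names)
    report["writable"] = os.access(root, os.W_OK)
    return report


if __name__ == "__main__":
    print(repeated_invocations(SAMPLE_LOG))  # {'203.0.113.9': 3}
    print(traversal_attempts(SAMPLE_LOG))
    print(classify_names(["index.html", "uninst.exe", "dyndns.exe"]))
```

Run it against a real BadBlue access log and web root by replacing SAMPLE_LOG with the log contents and calling audit_web_root on the web-root path; the "writable" field is evaluated for the account running the script, so run it as the account BadBlue itself uses to get a meaningful answer.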

Tested Systems / Software (with versions)
BadBlue Personal Edition version 2.72 has been tested on Windows XP and Windows Server 2003. Other versions and systems are assumed to be vulnerable.

Vendor Contact
Vendor Name: BadBlue
Vendor Website: www.badblue.com
