Working Resources BadBlue MFCISAPICommand Remote Buffer Overflow Vulnerability

Bugtraq ID:	12673
Class:	Boundary Condition Error
CVE:
Remote:	Yes
Local:	No
Published:	Feb 26 2005 12:00AM
Updated:	Feb 26 2005 12:00AM
Credit:	Andres Tarasco <atarascosia.es> is credited with the discovery of this issue.
Vulnerable:	Working Resources Inc. BadBlue 2.55
Not Vulnerable:	Working Resources Inc. BadBlue 2.61 Working Resources Inc. BadBlue 2.60

Working Resources BadBlue MFCISAPICommand Remote Buffer Overflow Vulnerability

A remote buffer overflow vulnerability affects Working Resources BadBlue. This issue is due to a failure of the application to securely copy GET request parameters into finite process buffers.

An attacker may leverage this issue to execute arbitrary code with the privileges of the affected Web server, facilitating a SYSTEM level compromise.

Working Resources BadBlue MFCISAPICommand Remote Buffer Overflow Vulnerability

The following exploits have been made available:

• /data/vulnerabilities/exploits/badBlueBufferOverflowExpl.c
• /data/vulnerabilities/exploits/badBlueExploit.cpp

Working Resources BadBlue MFCISAPICommand Remote Buffer Overflow Vulnerability

Solution:
The vendor has released an upgrade dealing with this issue.


Working Resources Inc. BadBlue 2.55

• Working Resources Inc. BadBlue 2.61
  http://badblue.com/bb95.exe

Working Resources BadBlue MFCISAPICommand Remote Buffer Overflow Vulnerability

References:

• BadBlue Product Homepage (Working Resources Inc)