BadBlue Directory Traversal Vulnerability

vendor:

D2Gfx

by:

SecurityFocus

7.5

CVSS

HIGH

Directory Traversal

CWE

Product Name: D2Gfx

Affected Version From: BadBlue v1.02

Affected Version To: BadBlue v1.02

Patch Exists: YES

Related CWE: N/A

CPE: a:deerfield:d2gfx

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2002

BadBlue Directory Traversal Vulnerability

BadBlue is prone to directory traversal attacks. It is possible for a remote attacker to submit a malicious web request containing triple-dot-slash (.../) sequences to break out of wwwroot. The attacker may browse arbitrary web-readable files on the host running the vulnerable software. On Windows operating systems, webservers run in the SYSTEM context. A remote attacker may exploit this vulnerability to read any file on the host that will render in their web browser.

Mitigation:

Ensure that the web server is not running in the SYSTEM context.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/4179/info

Working Resources BadBlue is a webserver intended to share various resources and is developed for Microsoft Windows environments.

BadBlue is prone to directory traversal attacks. It is possible for a remote attacker to submit a malicious web request containing triple-dot-slash (.../) sequences to break out of wwwroot. The attacker may browse arbitrary web-readable files on the host running the vulnerable software.

On Windows operating systems, webservers run in the SYSTEM context. A remote attacker may exploit this vulnerability to read any file on the host that will render in their web browser.

Deerfield's D2Gfx is powered by BadBlue v1.02 and should be considered vulnerable as well. 

http://server/.../...//file.ext